From 02904460000db07ff0eff39f8af2b52d0810b8a7 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Tue, 18 May 2021 12:43:13 -0400 Subject: [PATCH] Clang-format changes. --- core/AES.cpp | 458 ++++++++++++++++------------ core/AES.hpp | 150 ++++------ core/AES_aesni.cpp | 546 ++++++++++++++++++---------------- core/AES_armcrypto.cpp | 220 +++++++------- core/Address.hpp | 148 +++------ core/Buf.cpp | 25 +- core/Buf.hpp | 191 ++++++------ core/C25519.cpp | 95 +++--- core/C25519.hpp | 32 +- core/CAPI.cpp | 512 ++++++++++++++++--------------- core/CallContext.hpp | 6 +- core/CapabilityCredential.cpp | 56 ++-- core/CapabilityCredential.hpp | 95 ++---- core/Certificate.cpp | 7 +- core/Certificate.hpp | 65 ++-- core/Containers.hpp | 132 +++----- core/Context.hpp | 31 +- core/Credential.cpp | 35 ++- core/Credential.hpp | 10 +- core/Defaults.cpp | 2 +- core/Defaults.hpp | 2 +- core/Defragmenter.hpp | 53 ++-- core/Dictionary.cpp | 66 ++-- core/Dictionary.hpp | 103 +++---- core/ECC384.hpp | 12 +- core/Endpoint.cpp | 117 +++----- core/Endpoint.hpp | 117 +++----- core/Expect.hpp | 14 +- core/FCV.hpp | 152 ++++------ core/Fingerprint.hpp | 80 ++--- core/Identity.cpp | 181 +++++------ core/Identity.hpp | 111 ++----- core/InetAddress.hpp | 310 +++++++------------ core/LZ4.cpp | 366 ++++++++++------------- core/LZ4.hpp | 4 +- core/Locator.cpp | 53 ++-- core/Locator.hpp | 97 ++---- core/MAC.hpp | 168 ++++------- core/MIMC52.cpp | 182 ++++++++---- core/Member.cpp | 101 ++++--- core/Member.hpp | 75 +++-- core/MembershipCredential.cpp | 79 +++-- core/MembershipCredential.hpp | 78 ++--- core/Meter.hpp | 9 +- core/MulticastGroup.hpp | 55 +--- core/Mutex.hpp | 177 +++-------- core/Network.cpp | 483 +++++++++++++++--------------- core/Network.hpp | 154 ++++------ core/NetworkConfig.cpp | 56 ++-- core/NetworkConfig.hpp | 32 +- core/NetworkController.hpp | 32 +- core/Node.cpp | 283 ++++++++++-------- core/Node.hpp | 84 +++--- core/OS.hpp | 30 +- core/OwnershipCredential.cpp | 26 +- core/OwnershipCredential.hpp | 115 +++---- core/Path.cpp | 8 +- core/Path.hpp | 94 ++---- core/Peer.cpp | 160 ++++++---- core/Peer.hpp | 148 ++++----- core/Poly1305.cpp | 159 +++++----- core/Poly1305.hpp | 18 +- core/Protocol.hpp | 109 +++---- core/RevocationCredential.cpp | 16 +- core/RevocationCredential.hpp | 81 ++--- core/SHA512.cpp | 145 ++++----- core/SHA512.hpp | 24 +- core/Salsa20.cpp | 257 ++++++++-------- core/Salsa20.hpp | 30 +- core/ScopedPtr.hpp | 87 ++---- core/SelfAwareness.cpp | 36 ++- core/SelfAwareness.hpp | 40 ++- core/SharedPtr.hpp | 108 +++---- core/Spinlock.hpp | 18 +- core/Store.hpp | 31 +- core/SymmetricKey.hpp | 43 +-- core/TagCredential.cpp | 16 +- core/TagCredential.hpp | 112 ++----- core/Tests.cpp | 3 +- core/Tests.h | 6 +- core/TinyMap.hpp | 38 ++- core/Topology.cpp | 70 ++--- core/Topology.hpp | 38 +-- core/Trace.cpp | 90 +++--- core/Trace.hpp | 207 +++++-------- core/TriviallyCopyable.hpp | 12 +- core/TrustStore.cpp | 156 +++++----- core/TrustStore.hpp | 37 +-- core/Utils.cpp | 144 ++++----- core/Utils.hpp | 140 ++++----- core/VL1.cpp | 350 +++++++++++++--------- core/VL1.hpp | 50 ++-- core/VL2.cpp | 46 ++- core/VL2.hpp | 44 ++- core/version.h.in | 8 +- core/zerotier.h | 535 +++++++++++++++++---------------- 96 files changed, 4974 insertions(+), 5613 deletions(-) diff --git a/core/AES.cpp b/core/AES.cpp index 02ad79c37..425155b63 100644 --- a/core/AES.cpp +++ b/core/AES.cpp @@ -32,38 +32,47 @@ namespace ZeroTier { namespace { -#define s_bmul32(N, x, y, rh, rl) \ - uint32_t x0t_##N = (x)&0x11111111U; \ - uint32_t x1t_##N = (x)&0x22222222U; \ - uint32_t x2t_##N = (x)&0x44444444U; \ - uint32_t x3t_##N = (x)&0x88888888U; \ - uint32_t y0t_##N = (y)&0x11111111U; \ - uint32_t y1t_##N = (y)&0x22222222U; \ - uint32_t y2t_##N = (y)&0x44444444U; \ - uint32_t y3t_##N = (y)&0x88888888U; \ - uint64_t z0t_##N = (((uint64_t)x0t_##N * y0t_##N) ^ ((uint64_t)x1t_##N * y3t_##N) ^ ((uint64_t)x2t_##N * y2t_##N) ^ ((uint64_t)x3t_##N * y1t_##N)) & 0x1111111111111111ULL; \ - uint64_t z1t_##N = (((uint64_t)x0t_##N * y1t_##N) ^ ((uint64_t)x1t_##N * y0t_##N) ^ ((uint64_t)x2t_##N * y3t_##N) ^ ((uint64_t)x3t_##N * y2t_##N)) & 0x2222222222222222ULL; \ - uint64_t z2t_##N = (((uint64_t)x0t_##N * y2t_##N) ^ ((uint64_t)x1t_##N * y1t_##N) ^ ((uint64_t)x2t_##N * y0t_##N) ^ ((uint64_t)x3t_##N * y3t_##N)) & 0x4444444444444444ULL; \ - z0t_##N |= z1t_##N; \ - z2t_##N |= z0t_##N; \ - uint64_t zt_##N = z2t_##N | ((((uint64_t)x0t_##N * y3t_##N) ^ ((uint64_t)x1t_##N * y2t_##N) ^ ((uint64_t)x2t_##N * y1t_##N) ^ ((uint64_t)x3t_##N * y0t_##N)) & 0x8888888888888888ULL); \ - (rh) = (uint32_t)(zt_##N >> 32U); \ +#define s_bmul32(N, x, y, rh, rl) \ + uint32_t x0t_##N = (x)&0x11111111U; \ + uint32_t x1t_##N = (x)&0x22222222U; \ + uint32_t x2t_##N = (x)&0x44444444U; \ + uint32_t x3t_##N = (x)&0x88888888U; \ + uint32_t y0t_##N = (y)&0x11111111U; \ + uint32_t y1t_##N = (y)&0x22222222U; \ + uint32_t y2t_##N = (y)&0x44444444U; \ + uint32_t y3t_##N = (y)&0x88888888U; \ + uint64_t z0t_##N = (((uint64_t)x0t_##N * y0t_##N) ^ ((uint64_t)x1t_##N * y3t_##N) ^ ((uint64_t)x2t_##N * y2t_##N) \ + ^ ((uint64_t)x3t_##N * y1t_##N)) \ + & 0x1111111111111111ULL; \ + uint64_t z1t_##N = (((uint64_t)x0t_##N * y1t_##N) ^ ((uint64_t)x1t_##N * y0t_##N) ^ ((uint64_t)x2t_##N * y3t_##N) \ + ^ ((uint64_t)x3t_##N * y2t_##N)) \ + & 0x2222222222222222ULL; \ + uint64_t z2t_##N = (((uint64_t)x0t_##N * y2t_##N) ^ ((uint64_t)x1t_##N * y1t_##N) ^ ((uint64_t)x2t_##N * y0t_##N) \ + ^ ((uint64_t)x3t_##N * y3t_##N)) \ + & 0x4444444444444444ULL; \ + z0t_##N |= z1t_##N; \ + z2t_##N |= z0t_##N; \ + uint64_t zt_##N = z2t_##N \ + | ((((uint64_t)x0t_##N * y3t_##N) ^ ((uint64_t)x1t_##N * y2t_##N) \ + ^ ((uint64_t)x2t_##N * y1t_##N) ^ ((uint64_t)x3t_##N * y0t_##N)) \ + & 0x8888888888888888ULL); \ + (rh) = (uint32_t)(zt_##N >> 32U); \ (rl) = (uint32_t)zt_##N; -void s_gfmul(const uint64_t hh, const uint64_t hl, uint64_t& y0, uint64_t& y1) noexcept +void s_gfmul(const uint64_t hh, const uint64_t hl, uint64_t &y0, uint64_t &y1) noexcept { - uint32_t hhh = (uint32_t)(hh >> 32U); - uint32_t hhl = (uint32_t)hh; - uint32_t hlh = (uint32_t)(hl >> 32U); - uint32_t hll = (uint32_t)hl; - uint32_t hhXlh = hhh ^ hlh; - uint32_t hhXll = hhl ^ hll; - uint64_t yl = Utils::ntoh(y0); - uint64_t yh = Utils::ntoh(y1); - uint32_t cilh = (uint32_t)(yh >> 32U); - uint32_t cill = (uint32_t)yh; - uint32_t cihh = (uint32_t)(yl >> 32U); - uint32_t cihl = (uint32_t)yl; + uint32_t hhh = (uint32_t)(hh >> 32U); + uint32_t hhl = (uint32_t)hh; + uint32_t hlh = (uint32_t)(hl >> 32U); + uint32_t hll = (uint32_t)hl; + uint32_t hhXlh = hhh ^ hlh; + uint32_t hhXll = hhl ^ hll; + uint64_t yl = Utils::ntoh(y0); + uint64_t yh = Utils::ntoh(y1); + uint32_t cilh = (uint32_t)(yh >> 32U); + uint32_t cill = (uint32_t)yh; + uint32_t cihh = (uint32_t)(yl >> 32U); + uint32_t cihl = (uint32_t)yl; uint32_t cihXlh = cihh ^ cilh; uint32_t cihXll = cihl ^ cill; uint32_t aah, aal, abh, abl, ach, acl; @@ -98,9 +107,9 @@ void s_gfmul(const uint64_t hh, const uint64_t hl, uint64_t& y0, uint64_t& y1) n uint64_t zhl = (((uint64_t)abh << 32U) | abl) ^ (((uint64_t)cah << 32U) | cal); uint64_t zlh = (((uint64_t)bah << 32U) | bal) ^ (((uint64_t)cbh << 32U) | cbl); uint64_t zll = ((uint64_t)bbh << 32U) | bbl; - zhh = zhh << 1U | zhl >> 63U; - zhl = zhl << 1U | zlh >> 63U; - zlh = zlh << 1U | zll >> 63U; + zhh = zhh << 1U | zhl >> 63U; + zhl = zhl << 1U | zlh >> 63U; + zlh = zlh << 1U | zll >> 63U; zll <<= 1U; zlh ^= (zll << 63U) ^ (zll << 62U) ^ (zll << 57U); zhh ^= zlh ^ (zlh >> 1U) ^ (zlh >> 2U) ^ (zlh >> 7U); @@ -111,9 +120,9 @@ void s_gfmul(const uint64_t hh, const uint64_t hl, uint64_t& y0, uint64_t& y1) n } // anonymous namespace -void AES::GMAC::update(const void* const data, unsigned int len) noexcept +void AES::GMAC::update(const void *const data, unsigned int len) noexcept { - const uint8_t* in = reinterpret_cast(data); + const uint8_t *in = reinterpret_cast(data); _len += len; #ifdef ZT_AES_AESNI @@ -132,12 +141,12 @@ void AES::GMAC::update(const void* const data, unsigned int len) noexcept const uint64_t h0 = _aes.p_k.sw.h[0]; const uint64_t h1 = _aes.p_k.sw.h[1]; - uint64_t y0 = _y[0]; - uint64_t y1 = _y[1]; + uint64_t y0 = _y[0]; + uint64_t y1 = _y[1]; if (_rp) { for (;;) { - if (! len) + if (!len) return; --len; _r[_rp++] = *(in++); @@ -184,8 +193,8 @@ void AES::GMAC::finish(uint8_t tag[16]) noexcept const uint64_t h0 = _aes.p_k.sw.h[0]; const uint64_t h1 = _aes.p_k.sw.h[1]; - uint64_t y0 = _y[0]; - uint64_t y1 = _y[1]; + uint64_t y0 = _y[0]; + uint64_t y1 = _y[1]; if (_rp) { while (_rp < 16) @@ -201,9 +210,9 @@ void AES::GMAC::finish(uint8_t tag[16]) noexcept uint64_t iv2[2]; Utils::copy<12>(iv2, _iv); #if __BYTE_ORDER == __BIG_ENDIAN - reinterpret_cast(iv2)[3] = 0x00000001; + reinterpret_cast(iv2)[3] = 0x00000001; #else - reinterpret_cast(iv2)[3] = 0x01000000; + reinterpret_cast(iv2)[3] = 0x01000000; #endif _aes.encrypt(iv2, iv2); @@ -213,10 +222,10 @@ void AES::GMAC::finish(uint8_t tag[16]) noexcept // AES-CTR ------------------------------------------------------------------------------------------------------------ -void AES::CTR::crypt(const void* const input, unsigned int len) noexcept +void AES::CTR::crypt(const void *const input, unsigned int len) noexcept { - const uint8_t* in = reinterpret_cast(input); - uint8_t* out = _out; + const uint8_t *in = reinterpret_cast(input); + uint8_t *out = _out; #ifdef ZT_AES_AESNI if (likely(Utils::CPUID.aes)) { @@ -233,23 +242,23 @@ void AES::CTR::crypt(const void* const input, unsigned int len) noexcept #endif // ZT_AES_NEON uint64_t keyStream[2]; - uint32_t ctr = Utils::ntoh(reinterpret_cast(_ctr)[3]); + uint32_t ctr = Utils::ntoh(reinterpret_cast(_ctr)[3]); unsigned int totalLen = _len; if ((totalLen & 15U)) { for (;;) { - if (! len) { + if (!len) { _len = (totalLen + len); return; } --len; out[totalLen++] = *(in++); - if (! (totalLen & 15U)) { - _aes.p_encryptSW(reinterpret_cast(_ctr), reinterpret_cast(keyStream)); - reinterpret_cast(_ctr)[3] = Utils::hton(++ctr); - uint8_t* outblk = out + (totalLen - 16); + if (!(totalLen & 15U)) { + _aes.p_encryptSW(reinterpret_cast(_ctr), reinterpret_cast(keyStream)); + reinterpret_cast(_ctr)[3] = Utils::hton(++ctr); + uint8_t *outblk = out + (totalLen - 16); for (int i = 0; i < 16; ++i) - outblk[i] ^= reinterpret_cast(keyStream)[i]; + outblk[i] ^= reinterpret_cast(keyStream)[i]; break; } } @@ -259,14 +268,14 @@ void AES::CTR::crypt(const void* const input, unsigned int len) noexcept _len = (totalLen + len); if (likely(len >= 16)) { - const uint32_t* const restrict rk = _aes.p_k.sw.ek; - const uint32_t ctr0rk0 = Utils::ntoh(reinterpret_cast(_ctr)[0]) ^ rk[0]; - const uint32_t ctr1rk1 = Utils::ntoh(reinterpret_cast(_ctr)[1]) ^ rk[1]; - const uint32_t ctr2rk2 = Utils::ntoh(reinterpret_cast(_ctr)[2]) ^ rk[2]; - const uint32_t m8 = 0x000000ff; - const uint32_t m8_8 = 0x0000ff00; - const uint32_t m8_16 = 0x00ff0000; - const uint32_t m8_24 = 0xff000000; + const uint32_t *const restrict rk = _aes.p_k.sw.ek; + const uint32_t ctr0rk0 = Utils::ntoh(reinterpret_cast(_ctr)[0]) ^ rk[0]; + const uint32_t ctr1rk1 = Utils::ntoh(reinterpret_cast(_ctr)[1]) ^ rk[1]; + const uint32_t ctr2rk2 = Utils::ntoh(reinterpret_cast(_ctr)[2]) ^ rk[2]; + const uint32_t m8 = 0x000000ff; + const uint32_t m8_8 = 0x0000ff00; + const uint32_t m8_16 = 0x00ff0000; + const uint32_t m8_24 = 0xff000000; if (likely((((uintptr_t)out & 7U) == 0U) && (((uintptr_t)in & 7U) == 0U))) { do { uint32_t s0, s1, s2, s3, t0, t1, t2, t3; @@ -275,8 +284,8 @@ void AES::CTR::crypt(const void* const input, unsigned int len) noexcept s2 = ctr2rk2; s3 = ctr++ ^ rk[3]; - const uint64_t in0 = *reinterpret_cast(in); - const uint64_t in1 = *reinterpret_cast(in + 8); + const uint64_t in0 = *reinterpret_cast(in); + const uint64_t in1 = *reinterpret_cast(in + 8); in += 16; t0 = Te0[s0 >> 24U] ^ Te1_r((s1 >> 16U) & m8) ^ Te2_r((s2 >> 8U) & m8) ^ Te3_r(s3 & m8) ^ rk[4]; @@ -331,13 +340,17 @@ void AES::CTR::crypt(const void* const input, unsigned int len) noexcept t1 = Te0[s1 >> 24U] ^ Te1_r((s2 >> 16U) & m8) ^ Te2_r((s3 >> 8U) & m8) ^ Te3_r(s0 & m8) ^ rk[53]; t2 = Te0[s2 >> 24U] ^ Te1_r((s3 >> 16U) & m8) ^ Te2_r((s0 >> 8U) & m8) ^ Te3_r(s1 & m8) ^ rk[54]; t3 = Te0[s3 >> 24U] ^ Te1_r((s0 >> 16U) & m8) ^ Te2_r((s1 >> 8U) & m8) ^ Te3_r(s2 & m8) ^ rk[55]; - s0 = (Te2_r(t0 >> 24U) & m8_24) ^ (Te3_r((t1 >> 16U) & m8) & m8_16) ^ (Te0[(t2 >> 8U) & m8] & m8_8) ^ (Te1_r(t3 & m8) & m8) ^ rk[56]; - s1 = (Te2_r(t1 >> 24U) & m8_24) ^ (Te3_r((t2 >> 16U) & m8) & m8_16) ^ (Te0[(t3 >> 8U) & m8] & m8_8) ^ (Te1_r(t0 & m8) & m8) ^ rk[57]; - s2 = (Te2_r(t2 >> 24U) & m8_24) ^ (Te3_r((t3 >> 16U) & m8) & m8_16) ^ (Te0[(t0 >> 8U) & m8] & m8_8) ^ (Te1_r(t1 & m8) & m8) ^ rk[58]; - s3 = (Te2_r(t3 >> 24U) & m8_24) ^ (Te3_r((t0 >> 16U) & m8) & m8_16) ^ (Te0[(t1 >> 8U) & m8] & m8_8) ^ (Te1_r(t2 & m8) & m8) ^ rk[59]; + s0 = (Te2_r(t0 >> 24U) & m8_24) ^ (Te3_r((t1 >> 16U) & m8) & m8_16) ^ (Te0[(t2 >> 8U) & m8] & m8_8) + ^ (Te1_r(t3 & m8) & m8) ^ rk[56]; + s1 = (Te2_r(t1 >> 24U) & m8_24) ^ (Te3_r((t2 >> 16U) & m8) & m8_16) ^ (Te0[(t3 >> 8U) & m8] & m8_8) + ^ (Te1_r(t0 & m8) & m8) ^ rk[57]; + s2 = (Te2_r(t2 >> 24U) & m8_24) ^ (Te3_r((t3 >> 16U) & m8) & m8_16) ^ (Te0[(t0 >> 8U) & m8] & m8_8) + ^ (Te1_r(t1 & m8) & m8) ^ rk[58]; + s3 = (Te2_r(t3 >> 24U) & m8_24) ^ (Te3_r((t0 >> 16U) & m8) & m8_16) ^ (Te0[(t1 >> 8U) & m8] & m8_8) + ^ (Te1_r(t2 & m8) & m8) ^ rk[59]; - *reinterpret_cast(out) = in0 ^ Utils::hton(((uint64_t)s0 << 32U) | (uint64_t)s1); - *reinterpret_cast(out + 8) = in1 ^ Utils::hton(((uint64_t)s2 << 32U) | (uint64_t)s3); + *reinterpret_cast(out) = in0 ^ Utils::hton(((uint64_t)s0 << 32U) | (uint64_t)s1); + *reinterpret_cast(out + 8) = in1 ^ Utils::hton(((uint64_t)s2 << 32U) | (uint64_t)s3); out += 16; } while ((len -= 16) >= 16); } @@ -401,21 +414,25 @@ void AES::CTR::crypt(const void* const input, unsigned int len) noexcept t1 = Te0[s1 >> 24U] ^ Te1_r((s2 >> 16U) & m8) ^ Te2_r((s3 >> 8U) & m8) ^ Te3_r(s0 & m8) ^ rk[53]; t2 = Te0[s2 >> 24U] ^ Te1_r((s3 >> 16U) & m8) ^ Te2_r((s0 >> 8U) & m8) ^ Te3_r(s1 & m8) ^ rk[54]; t3 = Te0[s3 >> 24U] ^ Te1_r((s0 >> 16U) & m8) ^ Te2_r((s1 >> 8U) & m8) ^ Te3_r(s2 & m8) ^ rk[55]; - s0 = (Te2_r(t0 >> 24U) & m8_24) ^ (Te3_r((t1 >> 16U) & m8) & m8_16) ^ (Te0[(t2 >> 8U) & m8] & m8_8) ^ (Te1_r(t3 & m8) & m8) ^ rk[56]; - s1 = (Te2_r(t1 >> 24U) & m8_24) ^ (Te3_r((t2 >> 16U) & m8) & m8_16) ^ (Te0[(t3 >> 8U) & m8] & m8_8) ^ (Te1_r(t0 & m8) & m8) ^ rk[57]; - s2 = (Te2_r(t2 >> 24U) & m8_24) ^ (Te3_r((t3 >> 16U) & m8) & m8_16) ^ (Te0[(t0 >> 8U) & m8] & m8_8) ^ (Te1_r(t1 & m8) & m8) ^ rk[58]; - s3 = (Te2_r(t3 >> 24U) & m8_24) ^ (Te3_r((t0 >> 16U) & m8) & m8_16) ^ (Te0[(t1 >> 8U) & m8] & m8_8) ^ (Te1_r(t2 & m8) & m8) ^ rk[59]; + s0 = (Te2_r(t0 >> 24U) & m8_24) ^ (Te3_r((t1 >> 16U) & m8) & m8_16) ^ (Te0[(t2 >> 8U) & m8] & m8_8) + ^ (Te1_r(t3 & m8) & m8) ^ rk[56]; + s1 = (Te2_r(t1 >> 24U) & m8_24) ^ (Te3_r((t2 >> 16U) & m8) & m8_16) ^ (Te0[(t3 >> 8U) & m8] & m8_8) + ^ (Te1_r(t0 & m8) & m8) ^ rk[57]; + s2 = (Te2_r(t2 >> 24U) & m8_24) ^ (Te3_r((t3 >> 16U) & m8) & m8_16) ^ (Te0[(t0 >> 8U) & m8] & m8_8) + ^ (Te1_r(t1 & m8) & m8) ^ rk[58]; + s3 = (Te2_r(t3 >> 24U) & m8_24) ^ (Te3_r((t0 >> 16U) & m8) & m8_16) ^ (Te0[(t1 >> 8U) & m8] & m8_8) + ^ (Te1_r(t2 & m8) & m8) ^ rk[59]; - out[0] = in[0] ^ (uint8_t)(s0 >> 24U); - out[1] = in[1] ^ (uint8_t)(s0 >> 16U); - out[2] = in[2] ^ (uint8_t)(s0 >> 8U); - out[3] = in[3] ^ (uint8_t)s0; - out[4] = in[4] ^ (uint8_t)(s1 >> 24U); - out[5] = in[5] ^ (uint8_t)(s1 >> 16U); - out[6] = in[6] ^ (uint8_t)(s1 >> 8U); - out[7] = in[7] ^ (uint8_t)s1; - out[8] = in[8] ^ (uint8_t)(s2 >> 24U); - out[9] = in[9] ^ (uint8_t)(s2 >> 16U); + out[0] = in[0] ^ (uint8_t)(s0 >> 24U); + out[1] = in[1] ^ (uint8_t)(s0 >> 16U); + out[2] = in[2] ^ (uint8_t)(s0 >> 8U); + out[3] = in[3] ^ (uint8_t)s0; + out[4] = in[4] ^ (uint8_t)(s1 >> 24U); + out[5] = in[5] ^ (uint8_t)(s1 >> 16U); + out[6] = in[6] ^ (uint8_t)(s1 >> 8U); + out[7] = in[7] ^ (uint8_t)s1; + out[8] = in[8] ^ (uint8_t)(s2 >> 24U); + out[9] = in[9] ^ (uint8_t)(s2 >> 16U); out[10] = in[10] ^ (uint8_t)(s2 >> 8U); out[11] = in[11] ^ (uint8_t)s2; out[12] = in[12] ^ (uint8_t)(s3 >> 24U); @@ -426,7 +443,7 @@ void AES::CTR::crypt(const void* const input, unsigned int len) noexcept in += 16; } while ((len -= 16) >= 16); } - reinterpret_cast(_ctr)[3] = Utils::hton(ctr); + reinterpret_cast(_ctr)[3] = Utils::hton(ctr); } // Any remaining input is placed in _out. This will be picked up and crypted @@ -451,67 +468,122 @@ void AES::CTR::finish() noexcept // Software AES and AES key expansion --------------------------------------------------------------------------------- -const uint32_t AES::Te0[256] = { 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, - 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, - 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, - 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, - 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, - 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a }; -const uint32_t AES::Te4[256] = { 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b, 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5, 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b, 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676, - 0xcacacaca, 0x82828282, 0xc9c9c9c9, 0x7d7d7d7d, 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0, 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, 0xafafafaf, 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0, - 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626, 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc, 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1, 0x71717171, 0xd8d8d8d8, 0x31313131, 0x15151515, - 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3, 0x18181818, 0x96969696, 0x05050505, 0x9a9a9a9a, 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2, 0xebebebeb, 0x27272727, 0xb2b2b2b2, 0x75757575, - 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a, 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0, 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3, 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484, - 0x53535353, 0xd1d1d1d1, 0x00000000, 0xedededed, 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b, 0x6a6a6a6a, 0xcbcbcbcb, 0xbebebebe, 0x39393939, 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf, - 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, 0xfbfbfbfb, 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585, 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f, 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8, - 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f, 0x92929292, 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5, 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121, 0x10101010, 0xffffffff, 0xf3f3f3f3, 0xd2d2d2d2, - 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec, 0x5f5f5f5f, 0x97979797, 0x44444444, 0x17171717, 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d, 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373, - 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc, 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888, 0x46464646, 0xeeeeeeee, 0xb8b8b8b8, 0x14141414, 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb, - 0xe0e0e0e0, 0x32323232, 0x3a3a3a3a, 0x0a0a0a0a, 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c, 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, 0x62626262, 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979, - 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d, 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9, 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea, 0x65656565, 0x7a7a7a7a, 0xaeaeaeae, 0x08080808, - 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e, 0x1c1c1c1c, 0xa6a6a6a6, 0xb4b4b4b4, 0xc6c6c6c6, 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f, 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, 0x8a8a8a8a, - 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666, 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e, 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9, 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e, - 0xe1e1e1e1, 0xf8f8f8f8, 0x98989898, 0x11111111, 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494, 0x9b9b9b9b, 0x1e1e1e1e, 0x87878787, 0xe9e9e9e9, 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf, - 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, 0x0d0d0d0d, 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868, 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f, 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616 }; -const uint32_t AES::Td0[256] = { 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, - 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, - 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, - 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, - 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, - 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, - 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, - 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, - 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, - 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, - 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, - 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, - 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, - 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, - 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, - 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 }; -const uint8_t AES::Td4[256] = { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, - 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, - 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, - 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, - 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, - 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, - 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, - 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d }; -const uint32_t AES::rcon[15] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, 0x6c000000, 0xd8000000, 0xab000000, 0x4d000000, 0x9a000000 }; +const uint32_t AES::Te0[256] = { + 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, 0x60303050, + 0x02010103, 0xce6767a9, 0x562b2b7d, 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d, + 0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, + 0x45afafea, 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, + 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, 0xe2717193, + 0xabd8d873, 0x62313153, 0x2a15153f, 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1, + 0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, + 0xea75759f, 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, + 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, 0xa65353f5, + 0xb9d1d168, 0x00000000, 0xc1eded2c, 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46, + 0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, + 0xedfbfb16, 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, + 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, 0x3f9292ad, + 0x219d9dbc, 0x70383848, 0xf1f5f504, 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a, + 0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, 0xbe5f5fe1, 0x359797a2, 0x884444cc, + 0x2e171739, 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, + 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, 0x8c4646ca, + 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256, + 0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, + 0xc46262a6, 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, + 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, 0xca6565af, + 0xf47a7a8e, 0x47aeaee9, 0x10080818, 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1, + 0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, + 0x0f8a8a85, 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, + 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, + 0xebf8f813, 0x2b9898b3, 0x22111133, 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22, + 0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, 0x038c8c8f, 0x59a1a1f8, 0x09898980, + 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, + 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a +}; +const uint32_t AES::Te4[256] = { + 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b, 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5, 0x30303030, + 0x01010101, 0x67676767, 0x2b2b2b2b, 0xfefefefe, 0xd7d7d7d7, 0xabababab, 0x76767676, 0xcacacaca, 0x82828282, + 0xc9c9c9c9, 0x7d7d7d7d, 0xfafafafa, 0x59595959, 0x47474747, 0xf0f0f0f0, 0xadadadad, 0xd4d4d4d4, 0xa2a2a2a2, + 0xafafafaf, 0x9c9c9c9c, 0xa4a4a4a4, 0x72727272, 0xc0c0c0c0, 0xb7b7b7b7, 0xfdfdfdfd, 0x93939393, 0x26262626, + 0x36363636, 0x3f3f3f3f, 0xf7f7f7f7, 0xcccccccc, 0x34343434, 0xa5a5a5a5, 0xe5e5e5e5, 0xf1f1f1f1, 0x71717171, + 0xd8d8d8d8, 0x31313131, 0x15151515, 0x04040404, 0xc7c7c7c7, 0x23232323, 0xc3c3c3c3, 0x18181818, 0x96969696, + 0x05050505, 0x9a9a9a9a, 0x07070707, 0x12121212, 0x80808080, 0xe2e2e2e2, 0xebebebeb, 0x27272727, 0xb2b2b2b2, + 0x75757575, 0x09090909, 0x83838383, 0x2c2c2c2c, 0x1a1a1a1a, 0x1b1b1b1b, 0x6e6e6e6e, 0x5a5a5a5a, 0xa0a0a0a0, + 0x52525252, 0x3b3b3b3b, 0xd6d6d6d6, 0xb3b3b3b3, 0x29292929, 0xe3e3e3e3, 0x2f2f2f2f, 0x84848484, 0x53535353, + 0xd1d1d1d1, 0x00000000, 0xedededed, 0x20202020, 0xfcfcfcfc, 0xb1b1b1b1, 0x5b5b5b5b, 0x6a6a6a6a, 0xcbcbcbcb, + 0xbebebebe, 0x39393939, 0x4a4a4a4a, 0x4c4c4c4c, 0x58585858, 0xcfcfcfcf, 0xd0d0d0d0, 0xefefefef, 0xaaaaaaaa, + 0xfbfbfbfb, 0x43434343, 0x4d4d4d4d, 0x33333333, 0x85858585, 0x45454545, 0xf9f9f9f9, 0x02020202, 0x7f7f7f7f, + 0x50505050, 0x3c3c3c3c, 0x9f9f9f9f, 0xa8a8a8a8, 0x51515151, 0xa3a3a3a3, 0x40404040, 0x8f8f8f8f, 0x92929292, + 0x9d9d9d9d, 0x38383838, 0xf5f5f5f5, 0xbcbcbcbc, 0xb6b6b6b6, 0xdadadada, 0x21212121, 0x10101010, 0xffffffff, + 0xf3f3f3f3, 0xd2d2d2d2, 0xcdcdcdcd, 0x0c0c0c0c, 0x13131313, 0xecececec, 0x5f5f5f5f, 0x97979797, 0x44444444, + 0x17171717, 0xc4c4c4c4, 0xa7a7a7a7, 0x7e7e7e7e, 0x3d3d3d3d, 0x64646464, 0x5d5d5d5d, 0x19191919, 0x73737373, + 0x60606060, 0x81818181, 0x4f4f4f4f, 0xdcdcdcdc, 0x22222222, 0x2a2a2a2a, 0x90909090, 0x88888888, 0x46464646, + 0xeeeeeeee, 0xb8b8b8b8, 0x14141414, 0xdededede, 0x5e5e5e5e, 0x0b0b0b0b, 0xdbdbdbdb, 0xe0e0e0e0, 0x32323232, + 0x3a3a3a3a, 0x0a0a0a0a, 0x49494949, 0x06060606, 0x24242424, 0x5c5c5c5c, 0xc2c2c2c2, 0xd3d3d3d3, 0xacacacac, + 0x62626262, 0x91919191, 0x95959595, 0xe4e4e4e4, 0x79797979, 0xe7e7e7e7, 0xc8c8c8c8, 0x37373737, 0x6d6d6d6d, + 0x8d8d8d8d, 0xd5d5d5d5, 0x4e4e4e4e, 0xa9a9a9a9, 0x6c6c6c6c, 0x56565656, 0xf4f4f4f4, 0xeaeaeaea, 0x65656565, + 0x7a7a7a7a, 0xaeaeaeae, 0x08080808, 0xbabababa, 0x78787878, 0x25252525, 0x2e2e2e2e, 0x1c1c1c1c, 0xa6a6a6a6, + 0xb4b4b4b4, 0xc6c6c6c6, 0xe8e8e8e8, 0xdddddddd, 0x74747474, 0x1f1f1f1f, 0x4b4b4b4b, 0xbdbdbdbd, 0x8b8b8b8b, + 0x8a8a8a8a, 0x70707070, 0x3e3e3e3e, 0xb5b5b5b5, 0x66666666, 0x48484848, 0x03030303, 0xf6f6f6f6, 0x0e0e0e0e, + 0x61616161, 0x35353535, 0x57575757, 0xb9b9b9b9, 0x86868686, 0xc1c1c1c1, 0x1d1d1d1d, 0x9e9e9e9e, 0xe1e1e1e1, + 0xf8f8f8f8, 0x98989898, 0x11111111, 0x69696969, 0xd9d9d9d9, 0x8e8e8e8e, 0x94949494, 0x9b9b9b9b, 0x1e1e1e1e, + 0x87878787, 0xe9e9e9e9, 0xcececece, 0x55555555, 0x28282828, 0xdfdfdfdf, 0x8c8c8c8c, 0xa1a1a1a1, 0x89898989, + 0x0d0d0d0d, 0xbfbfbfbf, 0xe6e6e6e6, 0x42424242, 0x68686868, 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f, + 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616 +}; +const uint32_t AES::Td0[256] = { + 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, 0x2030fa55, + 0xad766df6, 0x88cc7691, 0xf5024c25, 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67, + 0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, + 0x955259da, 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, + 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, 0xb16477e0, + 0xbb6bae84, 0xfe81a01c, 0xf9082b94, 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2, + 0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, 0x302887f2, 0x23bfa5b2, 0x02036aba, + 0xed16825c, 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, + 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, 0x3e218af9, + 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997, + 0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, + 0x00000000, 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, + 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, + 0x61dc20a2, 0x5a774b69, 0x1c121a16, 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad, + 0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, 0xf701269f, 0x5c72f5bc, 0x44663bc5, + 0x5bfb7e34, 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, + 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, + 0xa970b999, 0x119448fa, 0x47e96422, 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1, + 0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, + 0x547e4662, 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, + 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, 0xe6956e65, + 0xaaffe67e, 0x21bccf08, 0xef15e8e6, 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331, + 0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, 0xf104984a, 0x41ecdaf7, 0x7fcd500e, + 0x1791f62f, 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, + 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, 0x9ad7618c, + 0x37a10c7a, 0x59f8148e, 0xeb133c89, 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f, + 0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, 0xcaaff381, 0xb968c43e, 0x3824342c, + 0xc2a3405f, 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, + 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 +}; +const uint8_t AES::Td4[256] = { + 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, + 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, + 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, + 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, + 0x5d, 0x65, 0xb6, 0x92, 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, + 0x84, 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, 0xd0, 0x2c, + 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, 0x3a, 0x91, 0x11, 0x41, 0x4f, + 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, + 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, + 0x0e, 0xaa, 0x18, 0xbe, 0x1b, 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, + 0x5a, 0xf4, 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, 0x60, + 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, 0xa0, 0xe0, 0x3b, 0x4d, + 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, + 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d +}; +const uint32_t AES::rcon[15] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, + 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, + 0x6c000000, 0xd8000000, 0xab000000, 0x4d000000, 0x9a000000 }; -void AES::p_initSW(const uint8_t* key) noexcept +void AES::p_initSW(const uint8_t *key) noexcept { - uint32_t* rk = p_k.sw.ek; + uint32_t *rk = p_k.sw.ek; rk[0] = Utils::loadBigEndian(key); rk[1] = Utils::loadBigEndian(key + 4); @@ -523,21 +595,23 @@ void AES::p_initSW(const uint8_t* key) noexcept rk[7] = Utils::loadBigEndian(key + 28); for (int i = 0;;) { uint32_t temp = rk[7]; - rk[8] = rk[0] ^ (Te2_r((temp >> 16U) & 0xffU) & 0xff000000U) ^ (Te3_r((temp >> 8U) & 0xffU) & 0x00ff0000U) ^ (Te0[(temp)&0xffU] & 0x0000ff00U) ^ (Te1_r(temp >> 24U) & 0x000000ffU) ^ rcon[i]; - rk[9] = rk[1] ^ rk[8]; + rk[8] = rk[0] ^ (Te2_r((temp >> 16U) & 0xffU) & 0xff000000U) ^ (Te3_r((temp >> 8U) & 0xffU) & 0x00ff0000U) + ^ (Te0[(temp)&0xffU] & 0x0000ff00U) ^ (Te1_r(temp >> 24U) & 0x000000ffU) ^ rcon[i]; + rk[9] = rk[1] ^ rk[8]; rk[10] = rk[2] ^ rk[9]; rk[11] = rk[3] ^ rk[10]; if (++i == 7) break; - temp = rk[11]; - rk[12] = rk[4] ^ (Te2_r(temp >> 24U) & 0xff000000U) ^ (Te3_r((temp >> 16U) & 0xffU) & 0x00ff0000U) ^ (Te0[(temp >> 8U) & 0xffU] & 0x0000ff00U) ^ (Te1_r((temp)&0xffU) & 0x000000ffU); + temp = rk[11]; + rk[12] = rk[4] ^ (Te2_r(temp >> 24U) & 0xff000000U) ^ (Te3_r((temp >> 16U) & 0xffU) & 0x00ff0000U) + ^ (Te0[(temp >> 8U) & 0xffU] & 0x0000ff00U) ^ (Te1_r((temp)&0xffU) & 0x000000ffU); rk[13] = rk[5] ^ rk[12]; rk[14] = rk[6] ^ rk[13]; rk[15] = rk[7] ^ rk[14]; rk += 8; } - p_encryptSW((const uint8_t*)Utils::ZERO256, (uint8_t*)p_k.sw.h); + p_encryptSW((const uint8_t *)Utils::ZERO256, (uint8_t *)p_k.sw.h); p_k.sw.h[0] = Utils::ntoh(p_k.sw.h[0]); p_k.sw.h[1] = Utils::ntoh(p_k.sw.h[1]); @@ -547,38 +621,42 @@ void AES::p_initSW(const uint8_t* key) noexcept for (int i = 0, j = 56; i < j; i += 4, j -= 4) { uint32_t temp = rk[i]; - rk[i] = rk[j]; - rk[j] = temp; - temp = rk[i + 1]; - rk[i + 1] = rk[j + 1]; - rk[j + 1] = temp; - temp = rk[i + 2]; - rk[i + 2] = rk[j + 2]; - rk[j + 2] = temp; - temp = rk[i + 3]; - rk[i + 3] = rk[j + 3]; - rk[j + 3] = temp; + rk[i] = rk[j]; + rk[j] = temp; + temp = rk[i + 1]; + rk[i + 1] = rk[j + 1]; + rk[j + 1] = temp; + temp = rk[i + 2]; + rk[i + 2] = rk[j + 2]; + rk[j + 2] = temp; + temp = rk[i + 3]; + rk[i + 3] = rk[j + 3]; + rk[j + 3] = temp; } for (int i = 1; i < 14; ++i) { rk += 4; - rk[0] = Td0[Te4[(rk[0] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[0] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[0] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[0]) & 0xffU] & 0xffU); - rk[1] = Td0[Te4[(rk[1] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[1] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[1] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[1]) & 0xffU] & 0xffU); - rk[2] = Td0[Te4[(rk[2] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[2] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[2] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[2]) & 0xffU] & 0xffU); - rk[3] = Td0[Te4[(rk[3] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[3] >> 16U) & 0xffU] & 0xffU) ^ Td2_r(Te4[(rk[3] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[3]) & 0xffU] & 0xffU); + rk[0] = Td0[Te4[(rk[0] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[0] >> 16U) & 0xffU] & 0xffU) + ^ Td2_r(Te4[(rk[0] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[0]) & 0xffU] & 0xffU); + rk[1] = Td0[Te4[(rk[1] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[1] >> 16U) & 0xffU] & 0xffU) + ^ Td2_r(Te4[(rk[1] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[1]) & 0xffU] & 0xffU); + rk[2] = Td0[Te4[(rk[2] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[2] >> 16U) & 0xffU] & 0xffU) + ^ Td2_r(Te4[(rk[2] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[2]) & 0xffU] & 0xffU); + rk[3] = Td0[Te4[(rk[3] >> 24U)] & 0xffU] ^ Td1_r(Te4[(rk[3] >> 16U) & 0xffU] & 0xffU) + ^ Td2_r(Te4[(rk[3] >> 8U) & 0xffU] & 0xffU) ^ Td3_r(Te4[(rk[3]) & 0xffU] & 0xffU); } } -void AES::p_encryptSW(const uint8_t* in, uint8_t* out) const noexcept +void AES::p_encryptSW(const uint8_t *in, uint8_t *out) const noexcept { - const uint32_t* const restrict rk = p_k.sw.ek; - const uint32_t m8 = 0x000000ff; - const uint32_t m8_8 = 0x0000ff00; - const uint32_t m8_16 = 0x00ff0000; - const uint32_t m8_24 = 0xff000000; - uint32_t s0 = Utils::loadBigEndian(in) ^ rk[0]; - uint32_t s1 = Utils::loadBigEndian(in + 4) ^ rk[1]; - uint32_t s2 = Utils::loadBigEndian(in + 8) ^ rk[2]; - uint32_t s3 = Utils::loadBigEndian(in + 12) ^ rk[3]; + const uint32_t *const restrict rk = p_k.sw.ek; + const uint32_t m8 = 0x000000ff; + const uint32_t m8_8 = 0x0000ff00; + const uint32_t m8_16 = 0x00ff0000; + const uint32_t m8_24 = 0xff000000; + uint32_t s0 = Utils::loadBigEndian(in) ^ rk[0]; + uint32_t s1 = Utils::loadBigEndian(in + 4) ^ rk[1]; + uint32_t s2 = Utils::loadBigEndian(in + 8) ^ rk[2]; + uint32_t s3 = Utils::loadBigEndian(in + 12) ^ rk[3]; uint32_t t0, t1, t2, t3; t0 = Te0[s0 >> 24U] ^ Te1_r((s1 >> 16U) & m8) ^ Te2_r((s2 >> 8U) & m8) ^ Te3_r(s3 & m8) ^ rk[4]; @@ -633,10 +711,14 @@ void AES::p_encryptSW(const uint8_t* in, uint8_t* out) const noexcept t1 = Te0[s1 >> 24U] ^ Te1_r((s2 >> 16U) & m8) ^ Te2_r((s3 >> 8U) & m8) ^ Te3_r(s0 & m8) ^ rk[53]; t2 = Te0[s2 >> 24U] ^ Te1_r((s3 >> 16U) & m8) ^ Te2_r((s0 >> 8U) & m8) ^ Te3_r(s1 & m8) ^ rk[54]; t3 = Te0[s3 >> 24U] ^ Te1_r((s0 >> 16U) & m8) ^ Te2_r((s1 >> 8U) & m8) ^ Te3_r(s2 & m8) ^ rk[55]; - s0 = (Te2_r(t0 >> 24U) & m8_24) ^ (Te3_r((t1 >> 16U) & m8) & m8_16) ^ (Te0[(t2 >> 8U) & m8] & m8_8) ^ (Te1_r(t3 & m8) & m8) ^ rk[56]; - s1 = (Te2_r(t1 >> 24U) & m8_24) ^ (Te3_r((t2 >> 16U) & m8) & m8_16) ^ (Te0[(t3 >> 8U) & m8] & m8_8) ^ (Te1_r(t0 & m8) & m8) ^ rk[57]; - s2 = (Te2_r(t2 >> 24U) & m8_24) ^ (Te3_r((t3 >> 16U) & m8) & m8_16) ^ (Te0[(t0 >> 8U) & m8] & m8_8) ^ (Te1_r(t1 & m8) & m8) ^ rk[58]; - s3 = (Te2_r(t3 >> 24U) & m8_24) ^ (Te3_r((t0 >> 16U) & m8) & m8_16) ^ (Te0[(t1 >> 8U) & m8] & m8_8) ^ (Te1_r(t2 & m8) & m8) ^ rk[59]; + s0 = (Te2_r(t0 >> 24U) & m8_24) ^ (Te3_r((t1 >> 16U) & m8) & m8_16) ^ (Te0[(t2 >> 8U) & m8] & m8_8) + ^ (Te1_r(t3 & m8) & m8) ^ rk[56]; + s1 = (Te2_r(t1 >> 24U) & m8_24) ^ (Te3_r((t2 >> 16U) & m8) & m8_16) ^ (Te0[(t3 >> 8U) & m8] & m8_8) + ^ (Te1_r(t0 & m8) & m8) ^ rk[57]; + s2 = (Te2_r(t2 >> 24U) & m8_24) ^ (Te3_r((t3 >> 16U) & m8) & m8_16) ^ (Te0[(t0 >> 8U) & m8] & m8_8) + ^ (Te1_r(t1 & m8) & m8) ^ rk[58]; + s3 = (Te2_r(t3 >> 24U) & m8_24) ^ (Te3_r((t0 >> 16U) & m8) & m8_16) ^ (Te0[(t1 >> 8U) & m8] & m8_8) + ^ (Te1_r(t2 & m8) & m8) ^ rk[59]; Utils::storeBigEndian(out, s0); Utils::storeBigEndian(out + 4, s1); @@ -644,14 +726,14 @@ void AES::p_encryptSW(const uint8_t* in, uint8_t* out) const noexcept Utils::storeBigEndian(out + 12, s3); } -void AES::p_decryptSW(const uint8_t* in, uint8_t* out) const noexcept +void AES::p_decryptSW(const uint8_t *in, uint8_t *out) const noexcept { - const uint32_t* restrict rk = p_k.sw.dk; - const uint32_t m8 = 0x000000ff; - uint32_t s0 = Utils::loadBigEndian(in) ^ rk[0]; - uint32_t s1 = Utils::loadBigEndian(in + 4) ^ rk[1]; - uint32_t s2 = Utils::loadBigEndian(in + 8) ^ rk[2]; - uint32_t s3 = Utils::loadBigEndian(in + 12) ^ rk[3]; + const uint32_t *restrict rk = p_k.sw.dk; + const uint32_t m8 = 0x000000ff; + uint32_t s0 = Utils::loadBigEndian(in) ^ rk[0]; + uint32_t s1 = Utils::loadBigEndian(in + 4) ^ rk[1]; + uint32_t s2 = Utils::loadBigEndian(in + 8) ^ rk[2]; + uint32_t s3 = Utils::loadBigEndian(in + 12) ^ rk[3]; uint32_t t0, t1, t2, t3; t0 = Td0[s0 >> 24U] ^ Td1_r((s3 >> 16U) & m8) ^ Td2_r((s2 >> 8U) & m8) ^ Td3_r(s1 & m8) ^ rk[4]; @@ -706,10 +788,14 @@ void AES::p_decryptSW(const uint8_t* in, uint8_t* out) const noexcept t1 = Td0[s1 >> 24U] ^ Td1_r((s0 >> 16U) & m8) ^ Td2_r((s3 >> 8U) & m8) ^ Td3_r(s2 & m8) ^ rk[53]; t2 = Td0[s2 >> 24U] ^ Td1_r((s1 >> 16U) & m8) ^ Td2_r((s0 >> 8U) & m8) ^ Td3_r(s3 & m8) ^ rk[54]; t3 = Td0[s3 >> 24U] ^ Td1_r((s2 >> 16U) & m8) ^ Td2_r((s1 >> 8U) & m8) ^ Td3_r(s0 & m8) ^ rk[55]; - s0 = (Td4[t0 >> 24U] << 24U) ^ (Td4[(t3 >> 16U) & m8] << 16U) ^ (Td4[(t2 >> 8U) & m8] << 8U) ^ (Td4[(t1)&m8]) ^ rk[56]; - s1 = (Td4[t1 >> 24U] << 24U) ^ (Td4[(t0 >> 16U) & m8] << 16U) ^ (Td4[(t3 >> 8U) & m8] << 8U) ^ (Td4[(t2)&m8]) ^ rk[57]; - s2 = (Td4[t2 >> 24U] << 24U) ^ (Td4[(t1 >> 16U) & m8] << 16U) ^ (Td4[(t0 >> 8U) & m8] << 8U) ^ (Td4[(t3)&m8]) ^ rk[58]; - s3 = (Td4[t3 >> 24U] << 24U) ^ (Td4[(t2 >> 16U) & m8] << 16U) ^ (Td4[(t1 >> 8U) & m8] << 8U) ^ (Td4[(t0)&m8]) ^ rk[59]; + s0 = (Td4[t0 >> 24U] << 24U) ^ (Td4[(t3 >> 16U) & m8] << 16U) ^ (Td4[(t2 >> 8U) & m8] << 8U) ^ (Td4[(t1)&m8]) + ^ rk[56]; + s1 = (Td4[t1 >> 24U] << 24U) ^ (Td4[(t0 >> 16U) & m8] << 16U) ^ (Td4[(t3 >> 8U) & m8] << 8U) ^ (Td4[(t2)&m8]) + ^ rk[57]; + s2 = (Td4[t2 >> 24U] << 24U) ^ (Td4[(t1 >> 16U) & m8] << 16U) ^ (Td4[(t0 >> 8U) & m8] << 8U) ^ (Td4[(t3)&m8]) + ^ rk[58]; + s3 = (Td4[t3 >> 24U] << 24U) ^ (Td4[(t2 >> 16U) & m8] << 16U) ^ (Td4[(t1 >> 8U) & m8] << 8U) ^ (Td4[(t0)&m8]) + ^ rk[59]; Utils::storeBigEndian(out, s0); Utils::storeBigEndian(out + 4, s1); diff --git a/core/AES.hpp b/core/AES.hpp index 77f21ee6b..47ca19bbd 100644 --- a/core/AES.hpp +++ b/core/AES.hpp @@ -21,10 +21,10 @@ // Uncomment to disable all hardware acceleration (usually for testing) //#define ZT_AES_NO_ACCEL -#if ! defined(ZT_AES_NO_ACCEL) && defined(ZT_ARCH_X64) +#if !defined(ZT_AES_NO_ACCEL) && defined(ZT_ARCH_X64) #define ZT_AES_AESNI 1 #endif -#if ! defined(ZT_AES_NO_ACCEL) && defined(ZT_ARCH_ARM_HAS_NEON) +#if !defined(ZT_AES_NO_ACCEL) && defined(ZT_ARCH_ARM_HAS_NEON) #define ZT_AES_NEON 1 #endif @@ -62,45 +62,37 @@ class AES { /** * Create an un-initialized AES instance (must call init() before use) */ - ZT_INLINE AES() noexcept - { - } + ZT_INLINE AES() noexcept {} /** * Create an AES instance with the given key * * @param key 256-bit key */ - explicit ZT_INLINE AES(const void* const key) noexcept - { - this->init(key); - } + explicit ZT_INLINE AES(const void *const key) noexcept { this->init(key); } - ZT_INLINE ~AES() - { - Utils::burn(&p_k, sizeof(p_k)); - } + ZT_INLINE ~AES() { Utils::burn(&p_k, sizeof(p_k)); } /** * Set (or re-set) this AES256 cipher's key * * @param key 256-bit / 32-byte key */ - ZT_INLINE void init(const void* const key) noexcept + ZT_INLINE void init(const void *const key) noexcept { #ifdef ZT_AES_AESNI if (likely(Utils::CPUID.aes)) { - p_init_aesni(reinterpret_cast(key)); + p_init_aesni(reinterpret_cast(key)); return; } #endif #ifdef ZT_AES_NEON if (Utils::ARMCAP.aes) { - p_init_armneon_crypto(reinterpret_cast(key)); + p_init_armneon_crypto(reinterpret_cast(key)); return; } #endif - p_initSW(reinterpret_cast(key)); + p_initSW(reinterpret_cast(key)); } /** @@ -109,7 +101,7 @@ class AES { * @param in Input block * @param out Output block (can be same as input) */ - ZT_INLINE void encrypt(const void* const in, void* const out) const noexcept + ZT_INLINE void encrypt(const void *const in, void *const out) const noexcept { #ifdef ZT_AES_AESNI if (likely(Utils::CPUID.aes)) { @@ -123,7 +115,7 @@ class AES { return; } #endif - p_encryptSW(reinterpret_cast(in), reinterpret_cast(out)); + p_encryptSW(reinterpret_cast(in), reinterpret_cast(out)); } /** @@ -132,7 +124,7 @@ class AES { * @param in Input block * @param out Output block (can be same as input) */ - ZT_INLINE void decrypt(const void* const in, void* const out) const noexcept + ZT_INLINE void decrypt(const void *const in, void *const out) const noexcept { #ifdef ZT_AES_AESNI if (likely(Utils::CPUID.aes)) { @@ -146,7 +138,7 @@ class AES { return; } #endif - p_decryptSW(reinterpret_cast(in), reinterpret_cast(out)); + p_decryptSW(reinterpret_cast(in), reinterpret_cast(out)); } class GMACSIVEncryptor; @@ -181,9 +173,7 @@ class AES { * * @param aes Keyed AES instance to use */ - ZT_INLINE GMAC(const AES& aes) : _aes(aes) - { - } + ZT_INLINE GMAC(const AES &aes) : _aes(aes) {} /** * Reset and initialize for a new GMAC calculation @@ -192,16 +182,16 @@ class AES { */ ZT_INLINE void init(const uint8_t iv[12]) noexcept { - _rp = 0; + _rp = 0; _len = 0; // We fill the least significant 32 bits in the _iv field with 1 since in GCM mode // this would hold the counter, but we're not doing GCM just GMAC. That means the // counter always stays just 1. #ifdef ZT_AES_AESNI // also implies an x64 processor - *reinterpret_cast(_iv) = *reinterpret_cast(iv); - *reinterpret_cast(_iv + 8) = *reinterpret_cast(iv + 8); - *reinterpret_cast(_iv + 12) = 0x01000000; // 0x00000001 in big-endian byte order + *reinterpret_cast(_iv) = *reinterpret_cast(iv); + *reinterpret_cast(_iv + 8) = *reinterpret_cast(iv + 8); + *reinterpret_cast(_iv + 12) = 0x01000000; // 0x00000001 in big-endian byte order #else Utils::copy<12>(_iv, iv); _iv[12] = 0; @@ -220,7 +210,7 @@ class AES { * @param data Bytes to process * @param len Length of input */ - void update(const void* data, unsigned int len) noexcept; + void update(const void *data, unsigned int len) noexcept; /** * Process any remaining cached bytes and generate tag @@ -233,14 +223,14 @@ class AES { private: #ifdef ZT_AES_AESNI - void p_aesNIUpdate(const uint8_t* in, unsigned int len) noexcept; + void p_aesNIUpdate(const uint8_t *in, unsigned int len) noexcept; void p_aesNIFinish(uint8_t tag[16]) noexcept; #endif #ifdef ZT_AES_NEON - void p_armUpdate(const uint8_t* in, unsigned int len) noexcept; + void p_armUpdate(const uint8_t *in, unsigned int len) noexcept; void p_armFinish(uint8_t tag[16]) noexcept; #endif - const AES& _aes; + const AES &_aes; unsigned int _rp; unsigned int _len; uint8_t _r[16]; // remainder @@ -260,9 +250,7 @@ class AES { friend class GMACSIVDecryptor; public: - ZT_INLINE CTR(const AES& aes) noexcept : _aes(aes) - { - } + ZT_INLINE CTR(const AES &aes) noexcept : _aes(aes) {} /** * Initialize this CTR instance to encrypt a new stream @@ -270,10 +258,10 @@ class AES { * @param iv Unique initialization vector and initial 32-bit counter (least significant 32 bits, big-endian) * @param output Buffer to which to store output (MUST be large enough for total bytes processed!) */ - ZT_INLINE void init(const uint8_t iv[16], void* const output) noexcept + ZT_INLINE void init(const uint8_t iv[16], void *const output) noexcept { Utils::copy<16>(_ctr, iv); - _out = reinterpret_cast(output); + _out = reinterpret_cast(output); _len = 0; } @@ -284,12 +272,12 @@ class AES { * @param ic Initial counter (must be in big-endian byte order!) * @param output Buffer to which to store output (MUST be large enough for total bytes processed!) */ - ZT_INLINE void init(const uint8_t iv[12], const uint32_t ic, void* const output) noexcept + ZT_INLINE void init(const uint8_t iv[12], const uint32_t ic, void *const output) noexcept { Utils::copy<12>(_ctr, iv); - reinterpret_cast(_ctr)[3] = ic; - _out = reinterpret_cast(output); - _len = 0; + reinterpret_cast(_ctr)[3] = ic; + _out = reinterpret_cast(output); + _len = 0; } /** @@ -298,7 +286,7 @@ class AES { * @param input Input data * @param len Length of input */ - void crypt(const void* input, unsigned int len) noexcept; + void crypt(const void *input, unsigned int len) noexcept; /** * Finish any remaining bytes if total bytes processed wasn't a multiple of 16 @@ -309,14 +297,14 @@ class AES { private: #ifdef ZT_AES_AESNI - void p_aesNICrypt(const uint8_t* in, uint8_t* out, unsigned int len) noexcept; + void p_aesNICrypt(const uint8_t *in, uint8_t *out, unsigned int len) noexcept; #endif #ifdef ZT_AES_NEON - void p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noexcept; + void p_armCrypt(const uint8_t *in, uint8_t *out, unsigned int len) noexcept; #endif - const AES& _aes; + const AES &_aes; uint64_t _ctr[2]; - uint8_t* _out; + uint8_t *_out; unsigned int _len; }; @@ -339,11 +327,7 @@ class AES { * @param k0 First of two AES instances keyed with K0 * @param k1 Second of two AES instances keyed with K1 */ - ZT_INLINE GMACSIVEncryptor(const AES& k0, const AES& k1) noexcept - : _gmac(k0) - , _ctr(k1) - { - } + ZT_INLINE GMACSIVEncryptor(const AES &k0, const AES &k1) noexcept : _gmac(k0), _ctr(k1) {} /** * Initialize AES-GMAC-SIV @@ -351,7 +335,7 @@ class AES { * @param iv IV in network byte order (byte order in which it will appear on the wire) * @param output Pointer to buffer to receive ciphertext, must be large enough for all to-be-processed data! */ - ZT_INLINE void init(const uint64_t iv, void* const output) noexcept + ZT_INLINE void init(const uint64_t iv, void *const output) noexcept { // Output buffer to receive the result of AES-CTR encryption. _output = output; @@ -359,7 +343,7 @@ class AES { // Initialize GMAC with 64-bit IV (and remaining 32 bits padded to zero). _tag[0] = iv; _tag[1] = 0; - _gmac.init(reinterpret_cast(_tag)); + _gmac.init(reinterpret_cast(_tag)); } /** @@ -372,7 +356,7 @@ class AES { * @param aad Additional authenticated data * @param len Length of AAD in bytes */ - ZT_INLINE void aad(const void* const aad, unsigned int len) noexcept + ZT_INLINE void aad(const void *const aad, unsigned int len) noexcept { // Feed ADD into GMAC first _gmac.update(aad, len); @@ -389,10 +373,7 @@ class AES { * @param input Plaintext chunk * @param len Length of plaintext chunk */ - ZT_INLINE void update1(const void* const input, const unsigned int len) noexcept - { - _gmac.update(input, len); - } + ZT_INLINE void update1(const void *const input, const unsigned int len) noexcept { _gmac.update(input, len); } /** * Finish first pass, compute CTR IV, initialize second pass. @@ -401,7 +382,7 @@ class AES { { // Compute 128-bit GMAC tag. uint64_t tmp[2]; - _gmac.finish(reinterpret_cast(tmp)); + _gmac.finish(reinterpret_cast(tmp)); // Shorten to 64 bits, concatenate with message IV, and encrypt with AES to // yield the CTR IV and opaque IV/MAC blob. In ZeroTier's use of GMAC-SIV @@ -421,7 +402,7 @@ class AES { // and so 2^31 should be considered the input limit. tmp[0] = _tag[0]; tmp[1] = _tag[1] & ZT_CONST_TO_BE_UINT64(0xffffffff7fffffffULL); - _ctr.init(reinterpret_cast(tmp), _output); + _ctr.init(reinterpret_cast(tmp), _output); } /** @@ -434,10 +415,7 @@ class AES { * @param input Plaintext chunk * @param len Length of plaintext chunk */ - ZT_INLINE void update2(const void* const input, const unsigned int len) noexcept - { - _ctr.crypt(input, len); - } + ZT_INLINE void update2(const void *const input, const unsigned int len) noexcept { _ctr.crypt(input, len); } /** * Finish second pass and return a pointer to the opaque 128-bit IV+MAC block @@ -447,14 +425,14 @@ class AES { * * @return Pointer to 128-bit opaque IV+MAC (packed into two 64-bit integers) */ - ZT_INLINE const uint64_t* finish2() + ZT_INLINE const uint64_t *finish2() { _ctr.finish(); return _tag; } private: - void* _output; + void *_output; uint64_t _tag[2]; AES::GMAC _gmac; AES::CTR _ctr; @@ -467,11 +445,7 @@ class AES { */ class GMACSIVDecryptor { public: - ZT_INLINE GMACSIVDecryptor(const AES& k0, const AES& k1) noexcept - : _ctr(k1) - , _gmac(k0) - { - } + ZT_INLINE GMACSIVDecryptor(const AES &k0, const AES &k1) noexcept : _ctr(k1), _gmac(k0) {} /** * Initialize decryptor for a new message @@ -479,20 +453,20 @@ class AES { * @param tag 128-bit combined IV/MAC originally created by GMAC-SIV encryption * @param output Buffer in which to write output plaintext (must be large enough!) */ - ZT_INLINE void init(const uint64_t tag[2], void* const output) noexcept + ZT_INLINE void init(const uint64_t tag[2], void *const output) noexcept { uint64_t tmp[2]; tmp[0] = tag[0]; tmp[1] = tag[1] & ZT_CONST_TO_BE_UINT64(0xffffffff7fffffffULL); - _ctr.init(reinterpret_cast(tmp), output); + _ctr.init(reinterpret_cast(tmp), output); _ctr._aes.decrypt(tag, _ivMac); tmp[0] = _ivMac[0]; tmp[1] = 0; - _gmac.init(reinterpret_cast(tmp)); + _gmac.init(reinterpret_cast(tmp)); - _output = output; + _output = output; _decryptedLen = 0; } @@ -502,7 +476,7 @@ class AES { * @param aad Additional authenticated data * @param len Length of AAD in bytes */ - ZT_INLINE void aad(const void* const aad, unsigned int len) noexcept + ZT_INLINE void aad(const void *const aad, unsigned int len) noexcept { _gmac.update(aad, len); len &= 0xfU; @@ -518,7 +492,7 @@ class AES { * @param input Input ciphertext * @param len Length of ciphertext */ - ZT_INLINE void update(const void* const input, const unsigned int len) noexcept + ZT_INLINE void update(const void *const input, const unsigned int len) noexcept { _ctr.crypt(input, len); _decryptedLen += len; @@ -535,7 +509,7 @@ class AES { uint64_t gmacTag[2]; _gmac.update(_output, _decryptedLen); - _gmac.finish(reinterpret_cast(gmacTag)); + _gmac.finish(reinterpret_cast(gmacTag)); return (gmacTag[0] ^ gmacTag[1]) == _ivMac[1]; } @@ -543,7 +517,7 @@ class AES { uint64_t _ivMac[2]; AES::CTR _ctr; AES::GMAC _gmac; - void* _output; + void *_output; unsigned int _decryptedLen; }; @@ -554,9 +528,9 @@ class AES { static const uint8_t Td4[256]; static const uint32_t rcon[15]; - void p_initSW(const uint8_t* key) noexcept; - void p_encryptSW(const uint8_t* in, uint8_t* out) const noexcept; - void p_decryptSW(const uint8_t* in, uint8_t* out) const noexcept; + void p_initSW(const uint8_t *key) noexcept; + void p_encryptSW(const uint8_t *in, uint8_t *out) const noexcept; + void p_decryptSW(const uint8_t *in, uint8_t *out) const noexcept; union { #ifdef ZT_AES_AESNI @@ -584,15 +558,15 @@ class AES { } p_k; #ifdef ZT_AES_AESNI - void p_init_aesni(const uint8_t* key) noexcept; - void p_encrypt_aesni(const void* in, void* out) const noexcept; - void p_decrypt_aesni(const void* in, void* out) const noexcept; + void p_init_aesni(const uint8_t *key) noexcept; + void p_encrypt_aesni(const void *in, void *out) const noexcept; + void p_decrypt_aesni(const void *in, void *out) const noexcept; #endif #ifdef ZT_AES_NEON - void p_init_armneon_crypto(const uint8_t* key) noexcept; - void p_encrypt_armneon_crypto(const void* in, void* out) const noexcept; - void p_decrypt_armneon_crypto(const void* in, void* out) const noexcept; + void p_init_armneon_crypto(const uint8_t *key) noexcept; + void p_encrypt_armneon_crypto(const void *in, void *out) const noexcept; + void p_decrypt_armneon_crypto(const void *in, void *out) const noexcept; #endif }; diff --git a/core/AES_aesni.cpp b/core/AES_aesni.cpp index c765b02c1..dcc0c6175 100644 --- a/core/AES_aesni.cpp +++ b/core/AES_aesni.cpp @@ -35,22 +35,27 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,pclmul"))) __m128i p_gmacPCLMUL128(const __m128i h, __m128i y) noexcept { - y = _mm_shuffle_epi8(y, s_sseSwapBytes); + y = _mm_shuffle_epi8(y, s_sseSwapBytes); __m128i t1 = _mm_clmulepi64_si128(h, y, 0x00); __m128i t2 = _mm_clmulepi64_si128(h, y, 0x01); __m128i t3 = _mm_clmulepi64_si128(h, y, 0x10); __m128i t4 = _mm_clmulepi64_si128(h, y, 0x11); - t2 = _mm_xor_si128(t2, t3); - t3 = _mm_slli_si128(t2, 8); - t2 = _mm_srli_si128(t2, 8); - t1 = _mm_xor_si128(t1, t3); - t4 = _mm_xor_si128(t4, t2); + t2 = _mm_xor_si128(t2, t3); + t3 = _mm_slli_si128(t2, 8); + t2 = _mm_srli_si128(t2, 8); + t1 = _mm_xor_si128(t1, t3); + t4 = _mm_xor_si128(t4, t2); __m128i t5 = _mm_srli_epi32(t1, 31); - t1 = _mm_or_si128(_mm_slli_epi32(t1, 1), _mm_slli_si128(t5, 4)); - t4 = _mm_or_si128(_mm_or_si128(_mm_slli_epi32(t4, 1), _mm_slli_si128(_mm_srli_epi32(t4, 31), 4)), _mm_srli_si128(t5, 12)); + t1 = _mm_or_si128(_mm_slli_epi32(t1, 1), _mm_slli_si128(t5, 4)); + t4 = _mm_or_si128( + _mm_or_si128(_mm_slli_epi32(t4, 1), _mm_slli_si128(_mm_srli_epi32(t4, 31), 4)), _mm_srli_si128(t5, 12)); t5 = _mm_xor_si128(_mm_xor_si128(_mm_slli_epi32(t1, 31), _mm_slli_epi32(t1, 30)), _mm_slli_epi32(t1, 25)); t1 = _mm_xor_si128(t1, _mm_slli_si128(t5, 12)); - t4 = _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(_mm_xor_si128(t4, _mm_srli_si128(t5, 4)), t1), _mm_srli_epi32(t1, 2)), _mm_srli_epi32(t1, 7)), _mm_srli_epi32(t1, 1)); + t4 = _mm_xor_si128( + _mm_xor_si128( + _mm_xor_si128(_mm_xor_si128(_mm_xor_si128(t4, _mm_srli_si128(t5, 4)), t1), _mm_srli_epi32(t1, 2)), + _mm_srli_epi32(t1, 7)), + _mm_srli_epi32(t1, 1)); return _mm_shuffle_epi8(t4, s_sseSwapBytes); } @@ -59,7 +64,7 @@ p_gmacPCLMUL128(const __m128i h, __m128i y) noexcept * The performance gain can be significant but regular SSE is already so * fast it's highly unlikely to be a rate limiting factor except on massive * servers and network infrastructure stuff. */ -#if ! defined(__WINDOWS__) && ((__GNUC__ >= 8) || (__clang_major__ >= 7)) +#if !defined(__WINDOWS__) && ((__GNUC__ >= 8) || (__clang_major__ >= 7)) #define ZT_AES_VAES512 1 @@ -68,24 +73,26 @@ __attribute__((__target__("sse4,aes,avx,avx2,vaes,avx512f,avx512bw"))) #endif void p_aesCtrInnerVAES512(unsigned int &len, const uint64_t c0, uint64_t &c1, const uint8_t *&in, uint8_t *&out, const __m128i *const k) noexcept { - const __m512i kk0 = _mm512_broadcast_i32x4(k[0]); - const __m512i kk1 = _mm512_broadcast_i32x4(k[1]); - const __m512i kk2 = _mm512_broadcast_i32x4(k[2]); - const __m512i kk3 = _mm512_broadcast_i32x4(k[3]); - const __m512i kk4 = _mm512_broadcast_i32x4(k[4]); - const __m512i kk5 = _mm512_broadcast_i32x4(k[5]); - const __m512i kk6 = _mm512_broadcast_i32x4(k[6]); - const __m512i kk7 = _mm512_broadcast_i32x4(k[7]); - const __m512i kk8 = _mm512_broadcast_i32x4(k[8]); - const __m512i kk9 = _mm512_broadcast_i32x4(k[9]); + const __m512i kk0 = _mm512_broadcast_i32x4(k[0]); + const __m512i kk1 = _mm512_broadcast_i32x4(k[1]); + const __m512i kk2 = _mm512_broadcast_i32x4(k[2]); + const __m512i kk3 = _mm512_broadcast_i32x4(k[3]); + const __m512i kk4 = _mm512_broadcast_i32x4(k[4]); + const __m512i kk5 = _mm512_broadcast_i32x4(k[5]); + const __m512i kk6 = _mm512_broadcast_i32x4(k[6]); + const __m512i kk7 = _mm512_broadcast_i32x4(k[7]); + const __m512i kk8 = _mm512_broadcast_i32x4(k[8]); + const __m512i kk9 = _mm512_broadcast_i32x4(k[9]); const __m512i kk10 = _mm512_broadcast_i32x4(k[10]); const __m512i kk11 = _mm512_broadcast_i32x4(k[11]); const __m512i kk12 = _mm512_broadcast_i32x4(k[12]); const __m512i kk13 = _mm512_broadcast_i32x4(k[13]); const __m512i kk14 = _mm512_broadcast_i32x4(k[14]); do { - __m512i p0 = _mm512_loadu_si512(reinterpret_cast(in)); - __m512i d0 = _mm512_set_epi64((long long)Utils::hton(c1 + 3ULL), (long long)c0, (long long)Utils::hton(c1 + 2ULL), (long long)c0, (long long)Utils::hton(c1 + 1ULL), (long long)c0, (long long)Utils::hton(c1), (long long)c0); + __m512i p0 = _mm512_loadu_si512(reinterpret_cast(in)); + __m512i d0 = _mm512_set_epi64( + (long long)Utils::hton(c1 + 3ULL), (long long)c0, (long long)Utils::hton(c1 + 2ULL), (long long)c0, + (long long)Utils::hton(c1 + 1ULL), (long long)c0, (long long)Utils::hton(c1), (long long)c0); c1 += 4; in += 64; len -= 64; @@ -104,7 +111,7 @@ void p_aesCtrInnerVAES512(unsigned int &len, const uint64_t c0, uint64_t &c1, co d0 = _mm512_aesenc_epi128(d0, kk12); d0 = _mm512_aesenc_epi128(d0, kk13); d0 = _mm512_aesenclast_epi128(d0, kk14); - _mm512_storeu_si512(reinterpret_cast<__m512i*>(out), _mm512_xor_si512(p0, d0)); + _mm512_storeu_si512(reinterpret_cast<__m512i *>(out), _mm512_xor_si512(p0, d0)); out += 64; } while (likely(len >= 64)); } @@ -116,26 +123,28 @@ __attribute__((__target__("sse4,aes,avx,avx2,vaes"))) #endif void p_aesCtrInnerVAES256(unsigned int &len, const uint64_t c0, uint64_t &c1, const uint8_t *&in, uint8_t *&out, const __m128i *const k) noexcept { - const __m256i kk0 = _mm256_broadcastsi128_si256(k[0]); - const __m256i kk1 = _mm256_broadcastsi128_si256(k[1]); - const __m256i kk2 = _mm256_broadcastsi128_si256(k[2]); - const __m256i kk3 = _mm256_broadcastsi128_si256(k[3]); - const __m256i kk4 = _mm256_broadcastsi128_si256(k[4]); - const __m256i kk5 = _mm256_broadcastsi128_si256(k[5]); - const __m256i kk6 = _mm256_broadcastsi128_si256(k[6]); - const __m256i kk7 = _mm256_broadcastsi128_si256(k[7]); - const __m256i kk8 = _mm256_broadcastsi128_si256(k[8]); - const __m256i kk9 = _mm256_broadcastsi128_si256(k[9]); + const __m256i kk0 = _mm256_broadcastsi128_si256(k[0]); + const __m256i kk1 = _mm256_broadcastsi128_si256(k[1]); + const __m256i kk2 = _mm256_broadcastsi128_si256(k[2]); + const __m256i kk3 = _mm256_broadcastsi128_si256(k[3]); + const __m256i kk4 = _mm256_broadcastsi128_si256(k[4]); + const __m256i kk5 = _mm256_broadcastsi128_si256(k[5]); + const __m256i kk6 = _mm256_broadcastsi128_si256(k[6]); + const __m256i kk7 = _mm256_broadcastsi128_si256(k[7]); + const __m256i kk8 = _mm256_broadcastsi128_si256(k[8]); + const __m256i kk9 = _mm256_broadcastsi128_si256(k[9]); const __m256i kk10 = _mm256_broadcastsi128_si256(k[10]); const __m256i kk11 = _mm256_broadcastsi128_si256(k[11]); const __m256i kk12 = _mm256_broadcastsi128_si256(k[12]); const __m256i kk13 = _mm256_broadcastsi128_si256(k[13]); const __m256i kk14 = _mm256_broadcastsi128_si256(k[14]); do { - __m256i p0 = _mm256_loadu_si256(reinterpret_cast(in)); - __m256i p1 = _mm256_loadu_si256(reinterpret_cast(in + 32)); - __m256i d0 = _mm256_set_epi64x((long long)Utils::hton(c1 + 1ULL), (long long)c0, (long long)Utils::hton(c1), (long long)c0); - __m256i d1 = _mm256_set_epi64x((long long)Utils::hton(c1 + 3ULL), (long long)c0, (long long)Utils::hton(c1 + 2ULL), (long long)c0); + __m256i p0 = _mm256_loadu_si256(reinterpret_cast(in)); + __m256i p1 = _mm256_loadu_si256(reinterpret_cast(in + 32)); + __m256i d0 = _mm256_set_epi64x( + (long long)Utils::hton(c1 + 1ULL), (long long)c0, (long long)Utils::hton(c1), (long long)c0); + __m256i d1 = _mm256_set_epi64x( + (long long)Utils::hton(c1 + 3ULL), (long long)c0, (long long)Utils::hton(c1 + 2ULL), (long long)c0); c1 += 4; in += 64; len -= 64; @@ -169,8 +178,8 @@ void p_aesCtrInnerVAES256(unsigned int &len, const uint64_t c0, uint64_t &c1, co d1 = _mm256_aesenc_epi128(d1, kk13); d0 = _mm256_aesenclast_epi128(d0, kk14); d1 = _mm256_aesenclast_epi128(d1, kk14); - _mm256_storeu_si256(reinterpret_cast<__m256i*>(out), _mm256_xor_si256(d0, p0)); - _mm256_storeu_si256(reinterpret_cast<__m256i*>(out + 32), _mm256_xor_si256(d1, p1)); + _mm256_storeu_si256(reinterpret_cast<__m256i *>(out), _mm256_xor_si256(d0, p0)); + _mm256_storeu_si256(reinterpret_cast<__m256i *>(out + 32), _mm256_xor_si256(d1, p1)); out += 64; } while (likely(len >= 64)); } @@ -221,66 +230,80 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,pclmul"))) #endif void AES::GMAC::p_aesNIUpdate(const uint8_t *in, unsigned int len) noexcept { - __m128i y = _mm_loadu_si128(reinterpret_cast(_y)); + __m128i y = _mm_loadu_si128(reinterpret_cast(_y)); // Handle anything left over from a previous run that wasn't a multiple of 16 bytes. if (_rp) { for (;;) { - if (! len) + if (!len) return; --len; _r[_rp++] = *(in++); if (_rp == 16) { - y = p_gmacPCLMUL128(_aes.p_k.ni.h[0], _mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast<__m128i*>(_r)))); + y = p_gmacPCLMUL128( + _aes.p_k.ni.h[0], _mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast<__m128i *>(_r)))); break; } } } if (likely(len >= 64)) { - const __m128i sb = s_sseSwapBytes; - const __m128i h = _aes.p_k.ni.h[0]; - const __m128i hh = _aes.p_k.ni.h[1]; - const __m128i hhh = _aes.p_k.ni.h[2]; - const __m128i hhhh = _aes.p_k.ni.h[3]; - const __m128i h2 = _aes.p_k.ni.h2[0]; - const __m128i hh2 = _aes.p_k.ni.h2[1]; - const __m128i hhh2 = _aes.p_k.ni.h2[2]; - const __m128i hhhh2 = _aes.p_k.ni.h2[3]; - const uint8_t* const end64 = in + (len & ~((unsigned int)63)); + const __m128i sb = s_sseSwapBytes; + const __m128i h = _aes.p_k.ni.h[0]; + const __m128i hh = _aes.p_k.ni.h[1]; + const __m128i hhh = _aes.p_k.ni.h[2]; + const __m128i hhhh = _aes.p_k.ni.h[3]; + const __m128i h2 = _aes.p_k.ni.h2[0]; + const __m128i hh2 = _aes.p_k.ni.h2[1]; + const __m128i hhh2 = _aes.p_k.ni.h2[2]; + const __m128i hhhh2 = _aes.p_k.ni.h2[3]; + const uint8_t *const end64 = in + (len & ~((unsigned int)63)); len &= 63U; do { - __m128i d1 = _mm_shuffle_epi8(_mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast(in))), sb); - __m128i d2 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast(in + 16)), sb); - __m128i d3 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast(in + 32)), sb); - __m128i d4 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast(in + 48)), sb); + __m128i d1 = _mm_shuffle_epi8(_mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast(in))), sb); + __m128i d2 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast(in + 16)), sb); + __m128i d3 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast(in + 32)), sb); + __m128i d4 = _mm_shuffle_epi8(_mm_loadu_si128(reinterpret_cast(in + 48)), sb); in += 64; - __m128i a = _mm_xor_si128(_mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x00), _mm_clmulepi64_si128(hhh, d2, 0x00)), _mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x00), _mm_clmulepi64_si128(h, d4, 0x00))); - __m128i b = _mm_xor_si128(_mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x11), _mm_clmulepi64_si128(hhh, d2, 0x11)), _mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x11), _mm_clmulepi64_si128(h, d4, 0x11))); + __m128i a = _mm_xor_si128( + _mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x00), _mm_clmulepi64_si128(hhh, d2, 0x00)), + _mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x00), _mm_clmulepi64_si128(h, d4, 0x00))); + __m128i b = _mm_xor_si128( + _mm_xor_si128(_mm_clmulepi64_si128(hhhh, d1, 0x11), _mm_clmulepi64_si128(hhh, d2, 0x11)), + _mm_xor_si128(_mm_clmulepi64_si128(hh, d3, 0x11), _mm_clmulepi64_si128(h, d4, 0x11))); __m128i c = _mm_xor_si128( _mm_xor_si128( - _mm_xor_si128(_mm_clmulepi64_si128(hhhh2, _mm_xor_si128(_mm_shuffle_epi32(d1, 78), d1), 0x00), _mm_clmulepi64_si128(hhh2, _mm_xor_si128(_mm_shuffle_epi32(d2, 78), d2), 0x00)), - _mm_xor_si128(_mm_clmulepi64_si128(hh2, _mm_xor_si128(_mm_shuffle_epi32(d3, 78), d3), 0x00), _mm_clmulepi64_si128(h2, _mm_xor_si128(_mm_shuffle_epi32(d4, 78), d4), 0x00))), + _mm_xor_si128( + _mm_clmulepi64_si128(hhhh2, _mm_xor_si128(_mm_shuffle_epi32(d1, 78), d1), 0x00), + _mm_clmulepi64_si128(hhh2, _mm_xor_si128(_mm_shuffle_epi32(d2, 78), d2), 0x00)), + _mm_xor_si128( + _mm_clmulepi64_si128(hh2, _mm_xor_si128(_mm_shuffle_epi32(d3, 78), d3), 0x00), + _mm_clmulepi64_si128(h2, _mm_xor_si128(_mm_shuffle_epi32(d4, 78), d4), 0x00))), _mm_xor_si128(a, b)); a = _mm_xor_si128(_mm_slli_si128(c, 8), a); b = _mm_xor_si128(_mm_srli_si128(c, 8), b); c = _mm_srli_epi32(a, 31); a = _mm_or_si128(_mm_slli_epi32(a, 1), _mm_slli_si128(c, 4)); - b = _mm_or_si128(_mm_or_si128(_mm_slli_epi32(b, 1), _mm_slli_si128(_mm_srli_epi32(b, 31), 4)), _mm_srli_si128(c, 12)); + b = _mm_or_si128( + _mm_or_si128(_mm_slli_epi32(b, 1), _mm_slli_si128(_mm_srli_epi32(b, 31), 4)), _mm_srli_si128(c, 12)); c = _mm_xor_si128(_mm_slli_epi32(a, 31), _mm_xor_si128(_mm_slli_epi32(a, 30), _mm_slli_epi32(a, 25))); a = _mm_xor_si128(a, _mm_slli_si128(c, 12)); - b = _mm_xor_si128(b, _mm_xor_si128(a, _mm_xor_si128(_mm_xor_si128(_mm_srli_epi32(a, 1), _mm_srli_si128(c, 4)), _mm_xor_si128(_mm_srli_epi32(a, 2), _mm_srli_epi32(a, 7))))); + b = _mm_xor_si128( + b, _mm_xor_si128( + a, _mm_xor_si128( + _mm_xor_si128(_mm_srli_epi32(a, 1), _mm_srli_si128(c, 4)), + _mm_xor_si128(_mm_srli_epi32(a, 2), _mm_srli_epi32(a, 7))))); y = _mm_shuffle_epi8(b, sb); } while (likely(in != end64)); } while (len >= 16) { - y = p_gmacPCLMUL128(_aes.p_k.ni.h[0], _mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast(in)))); + y = p_gmacPCLMUL128(_aes.p_k.ni.h[0], _mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast(in)))); in += 16; len -= 16; } - _mm_storeu_si128(reinterpret_cast<__m128i*>(_y), y); + _mm_storeu_si128(reinterpret_cast<__m128i *>(_y), y); // Any overflow is cached for a later run or finish(). for (unsigned int i = 0; i < len; ++i) @@ -293,72 +316,72 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,pclmul,aes"))) #endif void AES::GMAC::p_aesNIFinish(uint8_t tag[16]) noexcept { - __m128i y = _mm_loadu_si128(reinterpret_cast(_y)); + __m128i y = _mm_loadu_si128(reinterpret_cast(_y)); // Handle any remaining bytes, padding the last block with zeroes. if (_rp) { while (_rp < 16) _r[_rp++] = 0; - y = p_gmacPCLMUL128(_aes.p_k.ni.h[0], _mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast<__m128i*>(_r)))); + y = p_gmacPCLMUL128(_aes.p_k.ni.h[0], _mm_xor_si128(y, _mm_loadu_si128(reinterpret_cast<__m128i *>(_r)))); } // Interleave encryption of IV with the final GHASH of y XOR (length * 8). // Then XOR these together to get the final tag. - const __m128i* const k = _aes.p_k.ni.k; - const __m128i h = _aes.p_k.ni.h[0]; - y = _mm_xor_si128(y, _mm_set_epi64x(0LL, (long long)Utils::hton((uint64_t)_len << 3U))); - y = _mm_shuffle_epi8(y, s_sseSwapBytes); - __m128i encIV = _mm_xor_si128(_mm_loadu_si128(reinterpret_cast(_iv)), k[0]); - __m128i t1 = _mm_clmulepi64_si128(h, y, 0x00); - __m128i t2 = _mm_clmulepi64_si128(h, y, 0x01); - __m128i t3 = _mm_clmulepi64_si128(h, y, 0x10); - __m128i t4 = _mm_clmulepi64_si128(h, y, 0x11); - encIV = _mm_aesenc_si128(encIV, k[1]); - t2 = _mm_xor_si128(t2, t3); - t3 = _mm_slli_si128(t2, 8); - encIV = _mm_aesenc_si128(encIV, k[2]); - t2 = _mm_srli_si128(t2, 8); - t1 = _mm_xor_si128(t1, t3); - encIV = _mm_aesenc_si128(encIV, k[3]); - t4 = _mm_xor_si128(t4, t2); - __m128i t5 = _mm_srli_epi32(t1, 31); - t1 = _mm_slli_epi32(t1, 1); - __m128i t6 = _mm_srli_epi32(t4, 31); - encIV = _mm_aesenc_si128(encIV, k[4]); - t4 = _mm_slli_epi32(t4, 1); - t3 = _mm_srli_si128(t5, 12); - encIV = _mm_aesenc_si128(encIV, k[5]); - t6 = _mm_slli_si128(t6, 4); - t5 = _mm_slli_si128(t5, 4); - encIV = _mm_aesenc_si128(encIV, k[6]); - t1 = _mm_or_si128(t1, t5); - t4 = _mm_or_si128(t4, t6); - encIV = _mm_aesenc_si128(encIV, k[7]); - t4 = _mm_or_si128(t4, t3); - t5 = _mm_slli_epi32(t1, 31); - encIV = _mm_aesenc_si128(encIV, k[8]); - t6 = _mm_slli_epi32(t1, 30); - t3 = _mm_slli_epi32(t1, 25); - encIV = _mm_aesenc_si128(encIV, k[9]); - t5 = _mm_xor_si128(t5, t6); - t5 = _mm_xor_si128(t5, t3); - encIV = _mm_aesenc_si128(encIV, k[10]); - t6 = _mm_srli_si128(t5, 4); - t4 = _mm_xor_si128(t4, t6); - encIV = _mm_aesenc_si128(encIV, k[11]); - t5 = _mm_slli_si128(t5, 12); - t1 = _mm_xor_si128(t1, t5); - t4 = _mm_xor_si128(t4, t1); - t5 = _mm_srli_epi32(t1, 1); - encIV = _mm_aesenc_si128(encIV, k[12]); - t2 = _mm_srli_epi32(t1, 2); - t3 = _mm_srli_epi32(t1, 7); - encIV = _mm_aesenc_si128(encIV, k[13]); - t4 = _mm_xor_si128(t4, t2); - t4 = _mm_xor_si128(t4, t3); - encIV = _mm_aesenclast_si128(encIV, k[14]); - t4 = _mm_xor_si128(t4, t5); - _mm_storeu_si128(reinterpret_cast<__m128i*>(tag), _mm_xor_si128(_mm_shuffle_epi8(t4, s_sseSwapBytes), encIV)); + const __m128i *const k = _aes.p_k.ni.k; + const __m128i h = _aes.p_k.ni.h[0]; + y = _mm_xor_si128(y, _mm_set_epi64x(0LL, (long long)Utils::hton((uint64_t)_len << 3U))); + y = _mm_shuffle_epi8(y, s_sseSwapBytes); + __m128i encIV = _mm_xor_si128(_mm_loadu_si128(reinterpret_cast(_iv)), k[0]); + __m128i t1 = _mm_clmulepi64_si128(h, y, 0x00); + __m128i t2 = _mm_clmulepi64_si128(h, y, 0x01); + __m128i t3 = _mm_clmulepi64_si128(h, y, 0x10); + __m128i t4 = _mm_clmulepi64_si128(h, y, 0x11); + encIV = _mm_aesenc_si128(encIV, k[1]); + t2 = _mm_xor_si128(t2, t3); + t3 = _mm_slli_si128(t2, 8); + encIV = _mm_aesenc_si128(encIV, k[2]); + t2 = _mm_srli_si128(t2, 8); + t1 = _mm_xor_si128(t1, t3); + encIV = _mm_aesenc_si128(encIV, k[3]); + t4 = _mm_xor_si128(t4, t2); + __m128i t5 = _mm_srli_epi32(t1, 31); + t1 = _mm_slli_epi32(t1, 1); + __m128i t6 = _mm_srli_epi32(t4, 31); + encIV = _mm_aesenc_si128(encIV, k[4]); + t4 = _mm_slli_epi32(t4, 1); + t3 = _mm_srli_si128(t5, 12); + encIV = _mm_aesenc_si128(encIV, k[5]); + t6 = _mm_slli_si128(t6, 4); + t5 = _mm_slli_si128(t5, 4); + encIV = _mm_aesenc_si128(encIV, k[6]); + t1 = _mm_or_si128(t1, t5); + t4 = _mm_or_si128(t4, t6); + encIV = _mm_aesenc_si128(encIV, k[7]); + t4 = _mm_or_si128(t4, t3); + t5 = _mm_slli_epi32(t1, 31); + encIV = _mm_aesenc_si128(encIV, k[8]); + t6 = _mm_slli_epi32(t1, 30); + t3 = _mm_slli_epi32(t1, 25); + encIV = _mm_aesenc_si128(encIV, k[9]); + t5 = _mm_xor_si128(t5, t6); + t5 = _mm_xor_si128(t5, t3); + encIV = _mm_aesenc_si128(encIV, k[10]); + t6 = _mm_srli_si128(t5, 4); + t4 = _mm_xor_si128(t4, t6); + encIV = _mm_aesenc_si128(encIV, k[11]); + t5 = _mm_slli_si128(t5, 12); + t1 = _mm_xor_si128(t1, t5); + t4 = _mm_xor_si128(t4, t1); + t5 = _mm_srli_epi32(t1, 1); + encIV = _mm_aesenc_si128(encIV, k[12]); + t2 = _mm_srli_epi32(t1, 2); + t3 = _mm_srli_epi32(t1, 7); + encIV = _mm_aesenc_si128(encIV, k[13]); + t4 = _mm_xor_si128(t4, t2); + t4 = _mm_xor_si128(t4, t3); + encIV = _mm_aesenclast_si128(encIV, k[14]); + t4 = _mm_xor_si128(t4, t5); + _mm_storeu_si128(reinterpret_cast<__m128i *>(tag), _mm_xor_si128(_mm_shuffle_epi8(t4, s_sseSwapBytes), encIV)); } #ifdef __GNUC__ @@ -367,55 +390,55 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,aes"))) void AES::CTR::p_aesNICrypt(const uint8_t *in, uint8_t *out, unsigned int len) noexcept { const __m128i dd = _mm_set_epi64x(0, (long long)_ctr[0]); - uint64_t c1 = Utils::ntoh(_ctr[1]); + uint64_t c1 = Utils::ntoh(_ctr[1]); - const __m128i* const k = _aes.p_k.ni.k; - const __m128i k0 = k[0]; - const __m128i k1 = k[1]; - const __m128i k2 = k[2]; - const __m128i k3 = k[3]; - const __m128i k4 = k[4]; - const __m128i k5 = k[5]; - const __m128i k6 = k[6]; - const __m128i k7 = k[7]; - const __m128i k8 = k[8]; - const __m128i k9 = k[9]; - const __m128i k10 = k[10]; - const __m128i k11 = k[11]; - const __m128i k12 = k[12]; - const __m128i k13 = k[13]; - const __m128i k14 = k[14]; + const __m128i *const k = _aes.p_k.ni.k; + const __m128i k0 = k[0]; + const __m128i k1 = k[1]; + const __m128i k2 = k[2]; + const __m128i k3 = k[3]; + const __m128i k4 = k[4]; + const __m128i k5 = k[5]; + const __m128i k6 = k[6]; + const __m128i k7 = k[7]; + const __m128i k8 = k[8]; + const __m128i k9 = k[9]; + const __m128i k10 = k[10]; + const __m128i k11 = k[11]; + const __m128i k12 = k[12]; + const __m128i k13 = k[13]; + const __m128i k14 = k[14]; // Complete any unfinished blocks from previous calls to crypt(). unsigned int totalLen = _len; if ((totalLen & 15U)) { for (;;) { - if (unlikely(! len)) { + if (unlikely(!len)) { _ctr[1] = Utils::hton(c1); - _len = totalLen; + _len = totalLen; return; } --len; out[totalLen++] = *(in++); - if (! (totalLen & 15U)) { - __m128i d0 = _mm_insert_epi64(dd, (long long)Utils::hton(c1++), 1); - d0 = _mm_xor_si128(d0, k0); - d0 = _mm_aesenc_si128(d0, k1); - d0 = _mm_aesenc_si128(d0, k2); - d0 = _mm_aesenc_si128(d0, k3); - d0 = _mm_aesenc_si128(d0, k4); - d0 = _mm_aesenc_si128(d0, k5); - d0 = _mm_aesenc_si128(d0, k6); - d0 = _mm_aesenc_si128(d0, k7); - d0 = _mm_aesenc_si128(d0, k8); - d0 = _mm_aesenc_si128(d0, k9); - d0 = _mm_aesenc_si128(d0, k10); - __m128i* const outblk = reinterpret_cast<__m128i*>(out + (totalLen - 16)); - d0 = _mm_aesenc_si128(d0, k11); - const __m128i p0 = _mm_loadu_si128(outblk); - d0 = _mm_aesenc_si128(d0, k12); - d0 = _mm_aesenc_si128(d0, k13); - d0 = _mm_aesenclast_si128(d0, k14); + if (!(totalLen & 15U)) { + __m128i d0 = _mm_insert_epi64(dd, (long long)Utils::hton(c1++), 1); + d0 = _mm_xor_si128(d0, k0); + d0 = _mm_aesenc_si128(d0, k1); + d0 = _mm_aesenc_si128(d0, k2); + d0 = _mm_aesenc_si128(d0, k3); + d0 = _mm_aesenc_si128(d0, k4); + d0 = _mm_aesenc_si128(d0, k5); + d0 = _mm_aesenc_si128(d0, k6); + d0 = _mm_aesenc_si128(d0, k7); + d0 = _mm_aesenc_si128(d0, k8); + d0 = _mm_aesenc_si128(d0, k9); + d0 = _mm_aesenc_si128(d0, k10); + __m128i *const outblk = reinterpret_cast<__m128i *>(out + (totalLen - 16)); + d0 = _mm_aesenc_si128(d0, k11); + const __m128i p0 = _mm_loadu_si128(outblk); + d0 = _mm_aesenc_si128(d0, k12); + d0 = _mm_aesenc_si128(d0, k13); + d0 = _mm_aesenclast_si128(d0, k14); _mm_storeu_si128(outblk, _mm_xor_si128(p0, d0)); break; } @@ -438,14 +461,14 @@ void AES::CTR::p_aesNICrypt(const uint8_t *in, uint8_t *out, unsigned int len) n } #endif -#if ! defined(ZT_AES_VAES512) && defined(ZT_AES_VAES256) +#if !defined(ZT_AES_VAES512) && defined(ZT_AES_VAES256) if (Utils::CPUID.vaes && (len >= 256)) { p_aesCtrInnerVAES256(len, _ctr[0], c1, in, out, k); goto skip_conventional_aesni_64; } #endif - const uint8_t* const eof64 = in + (len & ~((unsigned int)63)); + const uint8_t *const eof64 = in + (len & ~((unsigned int)63)); len &= 63; __m128i d0, d1, d2, d3; do { @@ -453,10 +476,10 @@ void AES::CTR::p_aesNICrypt(const uint8_t *in, uint8_t *out, unsigned int len) n const uint64_t c11 = Utils::hton(c1 + 1ULL); const uint64_t c12 = Utils::hton(c1 + 2ULL); const uint64_t c13 = Utils::hton(c1 + 3ULL); - d0 = _mm_insert_epi64(dd, (long long)c10, 1); - d1 = _mm_insert_epi64(dd, (long long)c11, 1); - d2 = _mm_insert_epi64(dd, (long long)c12, 1); - d3 = _mm_insert_epi64(dd, (long long)c13, 1); + d0 = _mm_insert_epi64(dd, (long long)c10, 1); + d1 = _mm_insert_epi64(dd, (long long)c11, 1); + d2 = _mm_insert_epi64(dd, (long long)c12, 1); + d3 = _mm_insert_epi64(dd, (long long)c13, 1); c1 += 4; d0 = _mm_xor_si128(d0, k0); d1 = _mm_xor_si128(d1, k0); @@ -514,15 +537,18 @@ void AES::CTR::p_aesNICrypt(const uint8_t *in, uint8_t *out, unsigned int len) n d1 = _mm_aesenc_si128(d1, k13); d2 = _mm_aesenc_si128(d2, k13); d3 = _mm_aesenc_si128(d3, k13); - d0 = _mm_xor_si128(_mm_aesenclast_si128(d0, k14), _mm_loadu_si128(reinterpret_cast(in))); - d1 = _mm_xor_si128(_mm_aesenclast_si128(d1, k14), _mm_loadu_si128(reinterpret_cast(in + 16))); - d2 = _mm_xor_si128(_mm_aesenclast_si128(d2, k14), _mm_loadu_si128(reinterpret_cast(in + 32))); - d3 = _mm_xor_si128(_mm_aesenclast_si128(d3, k14), _mm_loadu_si128(reinterpret_cast(in + 48))); + d0 = _mm_xor_si128(_mm_aesenclast_si128(d0, k14), _mm_loadu_si128(reinterpret_cast(in))); + d1 = _mm_xor_si128( + _mm_aesenclast_si128(d1, k14), _mm_loadu_si128(reinterpret_cast(in + 16))); + d2 = _mm_xor_si128( + _mm_aesenclast_si128(d2, k14), _mm_loadu_si128(reinterpret_cast(in + 32))); + d3 = _mm_xor_si128( + _mm_aesenclast_si128(d3, k14), _mm_loadu_si128(reinterpret_cast(in + 48))); in += 64; - _mm_storeu_si128(reinterpret_cast<__m128i*>(out), d0); - _mm_storeu_si128(reinterpret_cast<__m128i*>(out + 16), d1); - _mm_storeu_si128(reinterpret_cast<__m128i*>(out + 32), d2); - _mm_storeu_si128(reinterpret_cast<__m128i*>(out + 48), d3); + _mm_storeu_si128(reinterpret_cast<__m128i *>(out), d0); + _mm_storeu_si128(reinterpret_cast<__m128i *>(out + 16), d1); + _mm_storeu_si128(reinterpret_cast<__m128i *>(out + 32), d2); + _mm_storeu_si128(reinterpret_cast<__m128i *>(out + 48), d3); out += 64; } while (likely(in != eof64)); } @@ -530,21 +556,23 @@ void AES::CTR::p_aesNICrypt(const uint8_t *in, uint8_t *out, unsigned int len) n skip_conventional_aesni_64: while (len >= 16) { __m128i d0 = _mm_insert_epi64(dd, (long long)Utils::hton(c1++), 1); - d0 = _mm_xor_si128(d0, k0); - d0 = _mm_aesenc_si128(d0, k1); - d0 = _mm_aesenc_si128(d0, k2); - d0 = _mm_aesenc_si128(d0, k3); - d0 = _mm_aesenc_si128(d0, k4); - d0 = _mm_aesenc_si128(d0, k5); - d0 = _mm_aesenc_si128(d0, k6); - d0 = _mm_aesenc_si128(d0, k7); - d0 = _mm_aesenc_si128(d0, k8); - d0 = _mm_aesenc_si128(d0, k9); - d0 = _mm_aesenc_si128(d0, k10); - d0 = _mm_aesenc_si128(d0, k11); - d0 = _mm_aesenc_si128(d0, k12); - d0 = _mm_aesenc_si128(d0, k13); - _mm_storeu_si128(reinterpret_cast<__m128i*>(out), _mm_xor_si128(_mm_aesenclast_si128(d0, k14), _mm_loadu_si128(reinterpret_cast(in)))); + d0 = _mm_xor_si128(d0, k0); + d0 = _mm_aesenc_si128(d0, k1); + d0 = _mm_aesenc_si128(d0, k2); + d0 = _mm_aesenc_si128(d0, k3); + d0 = _mm_aesenc_si128(d0, k4); + d0 = _mm_aesenc_si128(d0, k5); + d0 = _mm_aesenc_si128(d0, k6); + d0 = _mm_aesenc_si128(d0, k7); + d0 = _mm_aesenc_si128(d0, k8); + d0 = _mm_aesenc_si128(d0, k9); + d0 = _mm_aesenc_si128(d0, k10); + d0 = _mm_aesenc_si128(d0, k11); + d0 = _mm_aesenc_si128(d0, k12); + d0 = _mm_aesenc_si128(d0, k13); + _mm_storeu_si128( + reinterpret_cast<__m128i *>(out), + _mm_xor_si128(_mm_aesenclast_si128(d0, k14), _mm_loadu_si128(reinterpret_cast(in)))); in += 16; len -= 16; out += 16; @@ -565,8 +593,8 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,aes,pclmul"))) void AES::p_init_aesni(const uint8_t *key) noexcept { __m128i t1, t2, k1, k2, k3, k4, k5, k6, k7, k8, k9, k10, k11, k12, k13; - p_k.ni.k[0] = t1 = _mm_loadu_si128((const __m128i*)key); - p_k.ni.k[1] = k1 = t2 = _mm_loadu_si128((const __m128i*)(key + 16)); + p_k.ni.k[0] = t1 = _mm_loadu_si128((const __m128i *)key); + p_k.ni.k[1] = k1 = t2 = _mm_loadu_si128((const __m128i *)(key + 16)); p_k.ni.k[2] = k2 = t1 = p_init256_1_aesni(t1, _mm_aeskeygenassist_si128(t2, 0x01)); p_k.ni.k[3] = k3 = t2 = p_init256_2_aesni(t1, t2); p_k.ni.k[4] = k4 = t1 = p_init256_1_aesni(t1, _mm_aeskeygenassist_si128(t2, 0x02)); @@ -579,48 +607,48 @@ void AES::p_init_aesni(const uint8_t *key) noexcept p_k.ni.k[11] = k11 = t2 = p_init256_2_aesni(t1, t2); p_k.ni.k[12] = k12 = t1 = p_init256_1_aesni(t1, _mm_aeskeygenassist_si128(t2, 0x20)); p_k.ni.k[13] = k13 = t2 = p_init256_2_aesni(t1, t2); - p_k.ni.k[14] = p_init256_1_aesni(t1, _mm_aeskeygenassist_si128(t2, 0x40)); - p_k.ni.k[15] = _mm_aesimc_si128(k13); - p_k.ni.k[16] = _mm_aesimc_si128(k12); - p_k.ni.k[17] = _mm_aesimc_si128(k11); - p_k.ni.k[18] = _mm_aesimc_si128(k10); - p_k.ni.k[19] = _mm_aesimc_si128(k9); - p_k.ni.k[20] = _mm_aesimc_si128(k8); - p_k.ni.k[21] = _mm_aesimc_si128(k7); - p_k.ni.k[22] = _mm_aesimc_si128(k6); - p_k.ni.k[23] = _mm_aesimc_si128(k5); - p_k.ni.k[24] = _mm_aesimc_si128(k4); - p_k.ni.k[25] = _mm_aesimc_si128(k3); - p_k.ni.k[26] = _mm_aesimc_si128(k2); - p_k.ni.k[27] = _mm_aesimc_si128(k1); + p_k.ni.k[14] = p_init256_1_aesni(t1, _mm_aeskeygenassist_si128(t2, 0x40)); + p_k.ni.k[15] = _mm_aesimc_si128(k13); + p_k.ni.k[16] = _mm_aesimc_si128(k12); + p_k.ni.k[17] = _mm_aesimc_si128(k11); + p_k.ni.k[18] = _mm_aesimc_si128(k10); + p_k.ni.k[19] = _mm_aesimc_si128(k9); + p_k.ni.k[20] = _mm_aesimc_si128(k8); + p_k.ni.k[21] = _mm_aesimc_si128(k7); + p_k.ni.k[22] = _mm_aesimc_si128(k6); + p_k.ni.k[23] = _mm_aesimc_si128(k5); + p_k.ni.k[24] = _mm_aesimc_si128(k4); + p_k.ni.k[25] = _mm_aesimc_si128(k3); + p_k.ni.k[26] = _mm_aesimc_si128(k2); + p_k.ni.k[27] = _mm_aesimc_si128(k1); - __m128i h = p_k.ni.k[0]; // _mm_xor_si128(_mm_setzero_si128(),_k.ni.k[0]); - h = _mm_aesenc_si128(h, k1); - h = _mm_aesenc_si128(h, k2); - h = _mm_aesenc_si128(h, k3); - h = _mm_aesenc_si128(h, k4); - h = _mm_aesenc_si128(h, k5); - h = _mm_aesenc_si128(h, k6); - h = _mm_aesenc_si128(h, k7); - h = _mm_aesenc_si128(h, k8); - h = _mm_aesenc_si128(h, k9); - h = _mm_aesenc_si128(h, k10); - h = _mm_aesenc_si128(h, k11); - h = _mm_aesenc_si128(h, k12); - h = _mm_aesenc_si128(h, k13); - h = _mm_aesenclast_si128(h, p_k.ni.k[14]); + __m128i h = p_k.ni.k[0]; // _mm_xor_si128(_mm_setzero_si128(),_k.ni.k[0]); + h = _mm_aesenc_si128(h, k1); + h = _mm_aesenc_si128(h, k2); + h = _mm_aesenc_si128(h, k3); + h = _mm_aesenc_si128(h, k4); + h = _mm_aesenc_si128(h, k5); + h = _mm_aesenc_si128(h, k6); + h = _mm_aesenc_si128(h, k7); + h = _mm_aesenc_si128(h, k8); + h = _mm_aesenc_si128(h, k9); + h = _mm_aesenc_si128(h, k10); + h = _mm_aesenc_si128(h, k11); + h = _mm_aesenc_si128(h, k12); + h = _mm_aesenc_si128(h, k13); + h = _mm_aesenclast_si128(h, p_k.ni.k[14]); __m128i hswap = _mm_shuffle_epi8(h, s_sseSwapBytes); - __m128i hh = p_gmacPCLMUL128(hswap, h); - __m128i hhh = p_gmacPCLMUL128(hswap, hh); - __m128i hhhh = p_gmacPCLMUL128(hswap, hhh); - p_k.ni.h[0] = hswap; + __m128i hh = p_gmacPCLMUL128(hswap, h); + __m128i hhh = p_gmacPCLMUL128(hswap, hh); + __m128i hhhh = p_gmacPCLMUL128(hswap, hhh); + p_k.ni.h[0] = hswap; p_k.ni.h[1] = hh = _mm_shuffle_epi8(hh, s_sseSwapBytes); p_k.ni.h[2] = hhh = _mm_shuffle_epi8(hhh, s_sseSwapBytes); p_k.ni.h[3] = hhhh = _mm_shuffle_epi8(hhhh, s_sseSwapBytes); - p_k.ni.h2[0] = _mm_xor_si128(_mm_shuffle_epi32(hswap, 78), hswap); - p_k.ni.h2[1] = _mm_xor_si128(_mm_shuffle_epi32(hh, 78), hh); - p_k.ni.h2[2] = _mm_xor_si128(_mm_shuffle_epi32(hhh, 78), hhh); - p_k.ni.h2[3] = _mm_xor_si128(_mm_shuffle_epi32(hhhh, 78), hhhh); + p_k.ni.h2[0] = _mm_xor_si128(_mm_shuffle_epi32(hswap, 78), hswap); + p_k.ni.h2[1] = _mm_xor_si128(_mm_shuffle_epi32(hh, 78), hh); + p_k.ni.h2[2] = _mm_xor_si128(_mm_shuffle_epi32(hhh, 78), hhh); + p_k.ni.h2[3] = _mm_xor_si128(_mm_shuffle_epi32(hhhh, 78), hhhh); } #ifdef __GNUC__ @@ -628,22 +656,22 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,aes,pclmul"))) #endif void AES::p_encrypt_aesni(const void *const in, void *const out) const noexcept { - __m128i tmp = _mm_loadu_si128((const __m128i*)in); - tmp = _mm_xor_si128(tmp, p_k.ni.k[0]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[1]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[2]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[3]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[4]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[5]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[6]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[7]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[8]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[9]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[10]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[11]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[12]); - tmp = _mm_aesenc_si128(tmp, p_k.ni.k[13]); - _mm_storeu_si128((__m128i*)out, _mm_aesenclast_si128(tmp, p_k.ni.k[14])); + __m128i tmp = _mm_loadu_si128((const __m128i *)in); + tmp = _mm_xor_si128(tmp, p_k.ni.k[0]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[1]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[2]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[3]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[4]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[5]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[6]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[7]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[8]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[9]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[10]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[11]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[12]); + tmp = _mm_aesenc_si128(tmp, p_k.ni.k[13]); + _mm_storeu_si128((__m128i *)out, _mm_aesenclast_si128(tmp, p_k.ni.k[14])); } #ifdef __GNUC__ @@ -651,22 +679,22 @@ __attribute__((__target__("ssse3,sse4,sse4.1,sse4.2,aes,pclmul"))) #endif void AES::p_decrypt_aesni(const void *in, void *out) const noexcept { - __m128i tmp = _mm_loadu_si128((const __m128i*)in); - tmp = _mm_xor_si128(tmp, p_k.ni.k[14]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[15]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[16]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[17]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[18]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[19]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[20]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[21]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[22]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[23]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[24]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[25]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[26]); - tmp = _mm_aesdec_si128(tmp, p_k.ni.k[27]); - _mm_storeu_si128((__m128i*)out, _mm_aesdeclast_si128(tmp, p_k.ni.k[0])); + __m128i tmp = _mm_loadu_si128((const __m128i *)in); + tmp = _mm_xor_si128(tmp, p_k.ni.k[14]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[15]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[16]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[17]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[18]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[19]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[20]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[21]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[22]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[23]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[24]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[25]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[26]); + tmp = _mm_aesdec_si128(tmp, p_k.ni.k[27]); + _mm_storeu_si128((__m128i *)out, _mm_aesdeclast_si128(tmp, p_k.ni.k[0])); } } // namespace ZeroTier diff --git a/core/AES_armcrypto.cpp b/core/AES_armcrypto.cpp index c15fde45d..c13b25604 100644 --- a/core/AES_armcrypto.cpp +++ b/core/AES_armcrypto.cpp @@ -25,12 +25,12 @@ namespace { ZT_INLINE uint8x16_t s_clmul_armneon_crypto(uint8x16_t h, uint8x16_t y, const uint8_t b[16]) noexcept { uint8x16_t r0, r1, t0, t1; - r0 = vld1q_u8(b); + r0 = vld1q_u8(b); const uint8x16_t z = veorq_u8(h, h); - y = veorq_u8(r0, y); - y = vrbitq_u8(y); + y = veorq_u8(r0, y); + y = vrbitq_u8(y); const uint8x16_t p = vreinterpretq_u8_u64(vdupq_n_u64(0x0000000000000087)); - t0 = vextq_u8(y, y, 8); + t0 = vextq_u8(y, y, 8); __asm__ __volatile__("pmull %0.1q, %1.1d, %2.1d \n\t" : "=w"(r0) : "w"(h), "w"(y)); __asm__ __volatile__("pmull2 %0.1q, %1.2d, %2.2d \n\t" : "=w"(r1) : "w"(h), "w"(y)); __asm__ __volatile__("pmull %0.1q, %1.1d, %2.1d \n\t" : "=w"(t1) : "w"(h), "w"(t0)); @@ -51,14 +51,14 @@ ZT_INLINE uint8x16_t s_clmul_armneon_crypto(uint8x16_t h, uint8x16_t y, const ui } // anonymous namespace -void AES::GMAC::p_armUpdate(const uint8_t* in, unsigned int len) noexcept +void AES::GMAC::p_armUpdate(const uint8_t *in, unsigned int len) noexcept { - uint8x16_t y = vld1q_u8(reinterpret_cast(_y)); + uint8x16_t y = vld1q_u8(reinterpret_cast(_y)); const uint8x16_t h = _aes.p_k.neon.h; if (_rp) { for (;;) { - if (! len) + if (!len) return; --len; _r[_rp++] = *(in++); @@ -75,7 +75,7 @@ void AES::GMAC::p_armUpdate(const uint8_t* in, unsigned int len) noexcept len -= 16; } - vst1q_u8(reinterpret_cast(_y), y); + vst1q_u8(reinterpret_cast(_y), y); for (unsigned int i = 0; i < len; ++i) _r[i] = in[i]; @@ -85,7 +85,7 @@ void AES::GMAC::p_armUpdate(const uint8_t* in, unsigned int len) noexcept void AES::GMAC::p_armFinish(uint8_t tag[16]) noexcept { uint64_t tmp[2]; - uint8x16_t y = vld1q_u8(reinterpret_cast(_y)); + uint8x16_t y = vld1q_u8(reinterpret_cast(_y)); const uint8x16_t h = _aes.p_k.neon.h; if (_rp) { @@ -96,36 +96,36 @@ void AES::GMAC::p_armFinish(uint8_t tag[16]) noexcept tmp[0] = Utils::hton((uint64_t)_len << 3U); tmp[1] = 0; - y = s_clmul_armneon_crypto(h, y, reinterpret_cast(tmp)); + y = s_clmul_armneon_crypto(h, y, reinterpret_cast(tmp)); Utils::copy<12>(tmp, _iv); #if __BYTE_ORDER == __BIG_ENDIAN - reinterpret_cast(tmp)[3] = 0x00000001; + reinterpret_cast(tmp)[3] = 0x00000001; #else - reinterpret_cast(tmp)[3] = 0x01000000; + reinterpret_cast(tmp)[3] = 0x01000000; #endif _aes.encrypt(tmp, tmp); uint8x16_t yy = y; - Utils::storeMachineEndian(tag, tmp[0] ^ reinterpret_cast(&yy)[0]); - Utils::storeMachineEndian(tag + 8, tmp[1] ^ reinterpret_cast(&yy)[1]); + Utils::storeMachineEndian(tag, tmp[0] ^ reinterpret_cast(&yy)[0]); + Utils::storeMachineEndian(tag + 8, tmp[1] ^ reinterpret_cast(&yy)[1]); } -void AES::CTR::p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noexcept +void AES::CTR::p_armCrypt(const uint8_t *in, uint8_t *out, unsigned int len) noexcept { - uint8x16_t dd = vrev32q_u8(vld1q_u8(reinterpret_cast(_ctr))); + uint8x16_t dd = vrev32q_u8(vld1q_u8(reinterpret_cast(_ctr))); const uint32x4_t one = { 0, 0, 0, 1 }; - uint8x16_t k0 = _aes.p_k.neon.ek[0]; - uint8x16_t k1 = _aes.p_k.neon.ek[1]; - uint8x16_t k2 = _aes.p_k.neon.ek[2]; - uint8x16_t k3 = _aes.p_k.neon.ek[3]; - uint8x16_t k4 = _aes.p_k.neon.ek[4]; - uint8x16_t k5 = _aes.p_k.neon.ek[5]; - uint8x16_t k6 = _aes.p_k.neon.ek[6]; - uint8x16_t k7 = _aes.p_k.neon.ek[7]; - uint8x16_t k8 = _aes.p_k.neon.ek[8]; - uint8x16_t k9 = _aes.p_k.neon.ek[9]; + uint8x16_t k0 = _aes.p_k.neon.ek[0]; + uint8x16_t k1 = _aes.p_k.neon.ek[1]; + uint8x16_t k2 = _aes.p_k.neon.ek[2]; + uint8x16_t k3 = _aes.p_k.neon.ek[3]; + uint8x16_t k4 = _aes.p_k.neon.ek[4]; + uint8x16_t k5 = _aes.p_k.neon.ek[5]; + uint8x16_t k6 = _aes.p_k.neon.ek[6]; + uint8x16_t k7 = _aes.p_k.neon.ek[7]; + uint8x16_t k8 = _aes.p_k.neon.ek[8]; + uint8x16_t k9 = _aes.p_k.neon.ek[9]; uint8x16_t k10 = _aes.p_k.neon.ek[10]; uint8x16_t k11 = _aes.p_k.neon.ek[11]; uint8x16_t k12 = _aes.p_k.neon.ek[12]; @@ -135,31 +135,31 @@ void AES::CTR::p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noe unsigned int totalLen = _len; if ((totalLen & 15U) != 0) { for (;;) { - if (unlikely(! len)) { - vst1q_u8(reinterpret_cast(_ctr), vrev32q_u8(dd)); + if (unlikely(!len)) { + vst1q_u8(reinterpret_cast(_ctr), vrev32q_u8(dd)); _len = totalLen; return; } --len; out[totalLen++] = *(in++); if ((totalLen & 15U) == 0) { - uint8_t* const otmp = out + (totalLen - 16); - uint8x16_t d0 = vrev32q_u8(dd); - uint8x16_t pt = vld1q_u8(otmp); - d0 = vaesmcq_u8(vaeseq_u8(d0, k0)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k1)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k2)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k3)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k4)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k5)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k6)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k7)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k8)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k9)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k10)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k11)); - d0 = vaesmcq_u8(vaeseq_u8(d0, k12)); - d0 = veorq_u8(vaeseq_u8(d0, k13), k14); + uint8_t *const otmp = out + (totalLen - 16); + uint8x16_t d0 = vrev32q_u8(dd); + uint8x16_t pt = vld1q_u8(otmp); + d0 = vaesmcq_u8(vaeseq_u8(d0, k0)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k1)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k2)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k3)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k4)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k5)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k6)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k7)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k8)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k9)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k10)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k11)); + d0 = vaesmcq_u8(vaeseq_u8(d0, k12)); + d0 = veorq_u8(vaeseq_u8(d0, k13), k14); vst1q_u8(otmp, veorq_u8(pt, d0)); dd = (uint8x16_t)vaddq_u32((uint32x4_t)dd, one); break; @@ -172,15 +172,15 @@ void AES::CTR::p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noe if (likely(len >= 64)) { const uint32x4_t four = vshlq_n_u32(one, 2); - uint8x16_t dd1 = (uint8x16_t)vaddq_u32((uint32x4_t)dd, one); - uint8x16_t dd2 = (uint8x16_t)vaddq_u32((uint32x4_t)dd1, one); - uint8x16_t dd3 = (uint8x16_t)vaddq_u32((uint32x4_t)dd2, one); + uint8x16_t dd1 = (uint8x16_t)vaddq_u32((uint32x4_t)dd, one); + uint8x16_t dd2 = (uint8x16_t)vaddq_u32((uint32x4_t)dd1, one); + uint8x16_t dd3 = (uint8x16_t)vaddq_u32((uint32x4_t)dd2, one); for (;;) { len -= 64; - uint8x16_t d0 = vrev32q_u8(dd); - uint8x16_t d1 = vrev32q_u8(dd1); - uint8x16_t d2 = vrev32q_u8(dd2); - uint8x16_t d3 = vrev32q_u8(dd3); + uint8x16_t d0 = vrev32q_u8(dd); + uint8x16_t d1 = vrev32q_u8(dd1); + uint8x16_t d2 = vrev32q_u8(dd2); + uint8x16_t d3 = vrev32q_u8(dd3); uint8x16_t pt0 = vld1q_u8(in); uint8x16_t pt1 = vld1q_u8(in + 16); uint8x16_t pt2 = vld1q_u8(in + 32); @@ -295,39 +295,53 @@ void AES::CTR::p_armCrypt(const uint8_t* in, uint8_t* out, unsigned int len) noe for (unsigned int i = 0; i < len; ++i) out[i] = in[i]; - vst1q_u8(reinterpret_cast(_ctr), vrev32q_u8(dd)); + vst1q_u8(reinterpret_cast(_ctr), vrev32q_u8(dd)); } -#define ZT_INIT_ARMNEON_CRYPTO_SUBWORD(w) ((uint32_t)s_sbox[w & 0xffU] + ((uint32_t)s_sbox[(w >> 8U) & 0xffU] << 8U) + ((uint32_t)s_sbox[(w >> 16U) & 0xffU] << 16U) + ((uint32_t)s_sbox[(w >> 24U) & 0xffU] << 24U)) +#define ZT_INIT_ARMNEON_CRYPTO_SUBWORD(w) \ + ((uint32_t)s_sbox[w & 0xffU] + ((uint32_t)s_sbox[(w >> 8U) & 0xffU] << 8U) \ + + ((uint32_t)s_sbox[(w >> 16U) & 0xffU] << 16U) + ((uint32_t)s_sbox[(w >> 24U) & 0xffU] << 24U)) #define ZT_INIT_ARMNEON_CRYPTO_ROTWORD(w) (((w) << 8U) | ((w) >> 24U)) #define ZT_INIT_ARMNEON_CRYPTO_NK 8 #define ZT_INIT_ARMNEON_CRYPTO_NB 4 #define ZT_INIT_ARMNEON_CRYPTO_NR 14 -void AES::p_init_armneon_crypto(const uint8_t* key) noexcept +void AES::p_init_armneon_crypto(const uint8_t *key) noexcept { - static const uint8_t s_sbox[256] = { 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, - 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, - 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, - 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, - 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, - 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, - 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, - 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 }; + static const uint8_t s_sbox[256] = { + 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, + 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, 0xfd, 0x93, 0x26, + 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, + 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, + 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, + 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, + 0x50, 0x3c, 0x9f, 0xa8, 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, + 0xf3, 0xd2, 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, + 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, 0xe0, 0x32, + 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, 0xe7, 0xc8, 0x37, 0x6d, + 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, + 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, + 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, + 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, + 0xb0, 0x54, 0xbb, 0x16 + }; uint64_t h[2]; - uint32_t* const w = reinterpret_cast(p_k.neon.ek); + uint32_t *const w = reinterpret_cast(p_k.neon.ek); for (unsigned int i = 0; i < ZT_INIT_ARMNEON_CRYPTO_NK; ++i) { const unsigned int j = i * 4; - w[i] = ((uint32_t)key[j] << 24U) | ((uint32_t)key[j + 1] << 16U) | ((uint32_t)key[j + 2] << 8U) | (uint32_t)key[j + 3]; + w[i] = ((uint32_t)key[j] << 24U) | ((uint32_t)key[j + 1] << 16U) | ((uint32_t)key[j + 2] << 8U) + | (uint32_t)key[j + 3]; } - for (unsigned int i = ZT_INIT_ARMNEON_CRYPTO_NK; i < (ZT_INIT_ARMNEON_CRYPTO_NB * (ZT_INIT_ARMNEON_CRYPTO_NR + 1)); ++i) { - uint32_t t = w[i - 1]; + for (unsigned int i = ZT_INIT_ARMNEON_CRYPTO_NK; i < (ZT_INIT_ARMNEON_CRYPTO_NB * (ZT_INIT_ARMNEON_CRYPTO_NR + 1)); + ++i) { + uint32_t t = w[i - 1]; const unsigned int imod = i & (ZT_INIT_ARMNEON_CRYPTO_NK - 1); if (imod == 0) { - t = ZT_INIT_ARMNEON_CRYPTO_SUBWORD(ZT_INIT_ARMNEON_CRYPTO_ROTWORD(t)) ^ rcon[(i - 1) / ZT_INIT_ARMNEON_CRYPTO_NK]; + t = ZT_INIT_ARMNEON_CRYPTO_SUBWORD(ZT_INIT_ARMNEON_CRYPTO_ROTWORD(t)) + ^ rcon[(i - 1) / ZT_INIT_ARMNEON_CRYPTO_NK]; } else if (imod == 4) { t = ZT_INIT_ARMNEON_CRYPTO_SUBWORD(t); @@ -345,49 +359,49 @@ void AES::p_init_armneon_crypto(const uint8_t* key) noexcept p_encrypt_armneon_crypto(Utils::ZERO256, h); Utils::copy<16>(&(p_k.neon.h), h); - p_k.neon.h = vrbitq_u8(p_k.neon.h); + p_k.neon.h = vrbitq_u8(p_k.neon.h); p_k.sw.h[0] = Utils::ntoh(h[0]); p_k.sw.h[1] = Utils::ntoh(h[1]); } -void AES::p_encrypt_armneon_crypto(const void* const in, void* const out) const noexcept +void AES::p_encrypt_armneon_crypto(const void *const in, void *const out) const noexcept { - uint8x16_t tmp = vld1q_u8(reinterpret_cast(in)); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[0])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[1])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[2])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[3])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[4])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[5])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[6])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[7])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[8])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[9])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[10])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[11])); - tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[12])); - tmp = veorq_u8(vaeseq_u8(tmp, p_k.neon.ek[13]), p_k.neon.ek[14]); - vst1q_u8(reinterpret_cast(out), tmp); + uint8x16_t tmp = vld1q_u8(reinterpret_cast(in)); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[0])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[1])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[2])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[3])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[4])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[5])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[6])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[7])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[8])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[9])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[10])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[11])); + tmp = vaesmcq_u8(vaeseq_u8(tmp, p_k.neon.ek[12])); + tmp = veorq_u8(vaeseq_u8(tmp, p_k.neon.ek[13]), p_k.neon.ek[14]); + vst1q_u8(reinterpret_cast(out), tmp); } -void AES::p_decrypt_armneon_crypto(const void* const in, void* const out) const noexcept +void AES::p_decrypt_armneon_crypto(const void *const in, void *const out) const noexcept { - uint8x16_t tmp = vld1q_u8(reinterpret_cast(in)); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[0])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[1])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[2])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[3])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[4])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[5])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[6])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[7])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[8])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[9])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[10])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[11])); - tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[12])); - tmp = veorq_u8(vaesdq_u8(tmp, p_k.neon.dk[13]), p_k.neon.dk[14]); - vst1q_u8(reinterpret_cast(out), tmp); + uint8x16_t tmp = vld1q_u8(reinterpret_cast(in)); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[0])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[1])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[2])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[3])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[4])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[5])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[6])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[7])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[8])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[9])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[10])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[11])); + tmp = vaesimcq_u8(vaesdq_u8(tmp, p_k.neon.dk[12])); + tmp = veorq_u8(vaesdq_u8(tmp, p_k.neon.dk[13]), p_k.neon.dk[14]); + vst1q_u8(reinterpret_cast(out), tmp); } } // namespace ZeroTier diff --git a/core/Address.hpp b/core/Address.hpp index 2c2baf29b..9e5b6ec70 100644 --- a/core/Address.hpp +++ b/core/Address.hpp @@ -30,19 +30,18 @@ namespace ZeroTier { */ class Address : public TriviallyCopyable { public: - ZT_INLINE Address() noexcept : _a(0) + ZT_INLINE Address() noexcept : _a(0) {} + + ZT_INLINE Address(const uint64_t a) noexcept : _a(a) {} + + explicit ZT_INLINE Address(const uint8_t b[5]) noexcept + : _a( + ((uint64_t)b[0] << 32U) | ((uint64_t)b[1] << 24U) | ((uint64_t)b[2] << 16U) | ((uint64_t)b[3] << 8U) + | (uint64_t)b[4]) { } - ZT_INLINE Address(const uint64_t a) noexcept : _a(a) - { - } - - explicit ZT_INLINE Address(const uint8_t b[5]) noexcept : _a(((uint64_t)b[0] << 32U) | ((uint64_t)b[1] << 24U) | ((uint64_t)b[2] << 16U) | ((uint64_t)b[3] << 8U) | (uint64_t)b[4]) - { - } - - ZT_INLINE Address& operator=(const uint64_t a) noexcept + ZT_INLINE Address &operator=(const uint64_t a) noexcept { _a = a; return *this; @@ -54,7 +53,8 @@ class Address : public TriviallyCopyable { */ ZT_INLINE void setTo(const uint8_t b[5]) noexcept { - _a = ((uint64_t)b[0] << 32U) | ((uint64_t)b[1] << 24U) | ((uint64_t)b[2] << 16U) | ((uint64_t)b[3] << 8U) | (uint64_t)b[4]; + _a = ((uint64_t)b[0] << 32U) | ((uint64_t)b[1] << 24U) | ((uint64_t)b[2] << 16U) | ((uint64_t)b[3] << 8U) + | (uint64_t)b[4]; } /** @@ -64,48 +64,42 @@ class Address : public TriviallyCopyable { ZT_INLINE void copyTo(uint8_t b[5]) const noexcept { const uint64_t a = _a; - b[0] = (uint8_t)(a >> 32U); - b[1] = (uint8_t)(a >> 24U); - b[2] = (uint8_t)(a >> 16U); - b[3] = (uint8_t)(a >> 8U); - b[4] = (uint8_t)a; + b[0] = (uint8_t)(a >> 32U); + b[1] = (uint8_t)(a >> 24U); + b[2] = (uint8_t)(a >> 16U); + b[3] = (uint8_t)(a >> 8U); + b[4] = (uint8_t)a; } /** * @return Integer containing address (0 to 2^40) */ - ZT_INLINE uint64_t toInt() const noexcept - { - return _a; - } + ZT_INLINE uint64_t toInt() const noexcept { return _a; } /** * Set address to zero/NIL */ - ZT_INLINE void zero() noexcept - { - _a = 0; - } + ZT_INLINE void zero() noexcept { _a = 0; } /** * @param s String with at least 11 characters of space available (10 + terminating NULL) * @return Hexadecimal string */ - ZT_INLINE char* toString(char s[ZT_ADDRESS_STRING_SIZE_MAX]) const noexcept + ZT_INLINE char *toString(char s[ZT_ADDRESS_STRING_SIZE_MAX]) const noexcept { - const uint64_t a = _a; + const uint64_t a = _a; const unsigned int m = 0xf; - s[0] = Utils::HEXCHARS[(unsigned int)(a >> 36U) & m]; - s[1] = Utils::HEXCHARS[(unsigned int)(a >> 32U) & m]; - s[2] = Utils::HEXCHARS[(unsigned int)(a >> 28U) & m]; - s[3] = Utils::HEXCHARS[(unsigned int)(a >> 24U) & m]; - s[4] = Utils::HEXCHARS[(unsigned int)(a >> 20U) & m]; - s[5] = Utils::HEXCHARS[(unsigned int)(a >> 16U) & m]; - s[6] = Utils::HEXCHARS[(unsigned int)(a >> 12U) & m]; - s[7] = Utils::HEXCHARS[(unsigned int)(a >> 8U) & m]; - s[8] = Utils::HEXCHARS[(unsigned int)(a >> 4U) & m]; - s[9] = Utils::HEXCHARS[(unsigned int)a & m]; - s[10] = 0; + s[0] = Utils::HEXCHARS[(unsigned int)(a >> 36U) & m]; + s[1] = Utils::HEXCHARS[(unsigned int)(a >> 32U) & m]; + s[2] = Utils::HEXCHARS[(unsigned int)(a >> 28U) & m]; + s[3] = Utils::HEXCHARS[(unsigned int)(a >> 24U) & m]; + s[4] = Utils::HEXCHARS[(unsigned int)(a >> 20U) & m]; + s[5] = Utils::HEXCHARS[(unsigned int)(a >> 16U) & m]; + s[6] = Utils::HEXCHARS[(unsigned int)(a >> 12U) & m]; + s[7] = Utils::HEXCHARS[(unsigned int)(a >> 8U) & m]; + s[8] = Utils::HEXCHARS[(unsigned int)(a >> 4U) & m]; + s[9] = Utils::HEXCHARS[(unsigned int)a & m]; + s[10] = 0; return s; } @@ -125,85 +119,37 @@ class Address : public TriviallyCopyable { * * @return True if address is reserved and may not be used */ - ZT_INLINE bool isReserved() const noexcept - { - return ((! _a) || ((_a >> 32U) == ZT_ADDRESS_RESERVED_PREFIX)); - } + ZT_INLINE bool isReserved() const noexcept { return ((!_a) || ((_a >> 32U) == ZT_ADDRESS_RESERVED_PREFIX)); } - ZT_INLINE unsigned long hashCode() const noexcept - { - return (unsigned long)_a; - } + ZT_INLINE unsigned long hashCode() const noexcept { return (unsigned long)_a; } - ZT_INLINE operator bool() const noexcept - { - return (_a != 0); - } + ZT_INLINE operator bool() const noexcept { return (_a != 0); } - ZT_INLINE operator uint64_t() const noexcept - { - return _a; - } + ZT_INLINE operator uint64_t() const noexcept { return _a; } - ZT_INLINE bool operator==(const Address& a) const noexcept - { - return _a == a._a; - } + ZT_INLINE bool operator==(const Address &a) const noexcept { return _a == a._a; } - ZT_INLINE bool operator!=(const Address& a) const noexcept - { - return _a != a._a; - } + ZT_INLINE bool operator!=(const Address &a) const noexcept { return _a != a._a; } - ZT_INLINE bool operator>(const Address& a) const noexcept - { - return _a > a._a; - } + ZT_INLINE bool operator>(const Address &a) const noexcept { return _a > a._a; } - ZT_INLINE bool operator<(const Address& a) const noexcept - { - return _a < a._a; - } + ZT_INLINE bool operator<(const Address &a) const noexcept { return _a < a._a; } - ZT_INLINE bool operator>=(const Address& a) const noexcept - { - return _a >= a._a; - } + ZT_INLINE bool operator>=(const Address &a) const noexcept { return _a >= a._a; } - ZT_INLINE bool operator<=(const Address& a) const noexcept - { - return _a <= a._a; - } + ZT_INLINE bool operator<=(const Address &a) const noexcept { return _a <= a._a; } - ZT_INLINE bool operator==(const uint64_t a) const noexcept - { - return _a == a; - } + ZT_INLINE bool operator==(const uint64_t a) const noexcept { return _a == a; } - ZT_INLINE bool operator!=(const uint64_t a) const noexcept - { - return _a != a; - } + ZT_INLINE bool operator!=(const uint64_t a) const noexcept { return _a != a; } - ZT_INLINE bool operator>(const uint64_t a) const noexcept - { - return _a > a; - } + ZT_INLINE bool operator>(const uint64_t a) const noexcept { return _a > a; } - ZT_INLINE bool operator<(const uint64_t a) const noexcept - { - return _a < a; - } + ZT_INLINE bool operator<(const uint64_t a) const noexcept { return _a < a; } - ZT_INLINE bool operator>=(const uint64_t a) const noexcept - { - return _a >= a; - } + ZT_INLINE bool operator>=(const uint64_t a) const noexcept { return _a >= a; } - ZT_INLINE bool operator<=(const uint64_t a) const noexcept - { - return _a <= a; - } + ZT_INLINE bool operator<=(const uint64_t a) const noexcept { return _a <= a; } private: uint64_t _a; diff --git a/core/Buf.cpp b/core/Buf.cpp index 38118fb75..fc0c18a6a 100644 --- a/core/Buf.cpp +++ b/core/Buf.cpp @@ -23,36 +23,36 @@ static std::atomic s_allocated(0); // uintptr_max can never be a valid pointer, so use it to indicate that s_pool is locked (very short duration spinlock) #define ZT_ATOMIC_PTR_LOCKED (~((uintptr_t)0)) -void* Buf::operator new(std::size_t sz) +void *Buf::operator new(std::size_t sz) { uintptr_t bb; for (;;) { bb = s_pool.exchange(ZT_ATOMIC_PTR_LOCKED, std::memory_order_acquire); if (likely(bb != ZT_ATOMIC_PTR_LOCKED)) { - Buf* b; + Buf *b; if (likely(bb != 0)) { - b = reinterpret_cast(bb); + b = reinterpret_cast(bb); s_pool.store(b->__nextInPool, std::memory_order_release); } else { s_pool.store(0, std::memory_order_release); - b = reinterpret_cast(malloc(sz)); - if (! b) + b = reinterpret_cast(malloc(sz)); + if (!b) throw Utils::BadAllocException; s_allocated.fetch_add(1, std::memory_order_relaxed); } b->__refCount.store(0, std::memory_order_relaxed); - return reinterpret_cast(b); + return reinterpret_cast(b); } Spinlock::pause(); } } -void Buf::operator delete(void* ptr) +void Buf::operator delete(void *ptr) { if (likely(ptr != nullptr)) { if (s_allocated.load(std::memory_order_relaxed) > ZT_BUF_MAX_POOL_SIZE) { @@ -64,7 +64,7 @@ void Buf::operator delete(void* ptr) for (;;) { bb = s_pool.exchange(ZT_ATOMIC_PTR_LOCKED, std::memory_order_acquire); if (likely(bb != ZT_ATOMIC_PTR_LOCKED)) { - reinterpret_cast(ptr)->__nextInPool = bb; + reinterpret_cast(ptr)->__nextInPool = bb; s_pool.store(reinterpret_cast(ptr), std::memory_order_release); return; } @@ -84,9 +84,9 @@ void Buf::freePool() noexcept s_pool.store(0, std::memory_order_release); while (bb != 0) { - const uintptr_t next = reinterpret_cast(bb)->__nextInPool; + const uintptr_t next = reinterpret_cast(bb)->__nextInPool; s_allocated.fetch_sub(1, std::memory_order_relaxed); - free(reinterpret_cast(bb)); + free(reinterpret_cast(bb)); bb = next; } @@ -97,9 +97,6 @@ void Buf::freePool() noexcept } } -long Buf::poolAllocated() noexcept -{ - return s_allocated.load(std::memory_order_relaxed); -} +long Buf::poolAllocated() noexcept { return s_allocated.load(std::memory_order_relaxed); } } // namespace ZeroTier diff --git a/core/Buf.hpp b/core/Buf.hpp index 2a35a87f9..a5425e593 100644 --- a/core/Buf.hpp +++ b/core/Buf.hpp @@ -82,9 +82,9 @@ class Buf { public: // New and delete operators that allocate Buf instances from a shared lock-free memory pool. - static void* operator new(std::size_t sz); + static void *operator new(std::size_t sz); - static void operator delete(void* ptr); + static void operator delete(void *ptr); /** * Raw data held in buffer @@ -113,29 +113,18 @@ class Buf { * Slice is almost exactly like the built-in slice data structure in Go */ struct Slice : TriviallyCopyable { - ZT_INLINE Slice(const SharedPtr& b_, const unsigned int s_, const unsigned int e_) noexcept + ZT_INLINE Slice(const SharedPtr &b_, const unsigned int s_, const unsigned int e_) noexcept : b(b_) , s(s_) , e(e_) { } - ZT_INLINE Slice() noexcept - : b() - , s(0) - , e(0) - { - } + ZT_INLINE Slice() noexcept : b(), s(0), e(0) {} - ZT_INLINE operator bool() const noexcept - { - return (b); - } + ZT_INLINE operator bool() const noexcept { return (b); } - ZT_INLINE unsigned int size() const noexcept - { - return (e - s); - } + ZT_INLINE unsigned int size() const noexcept { return (e - s); } ZT_INLINE void zero() noexcept { @@ -165,9 +154,7 @@ class Buf { */ class PacketVector : public ZeroTier::FCV { public: - ZT_INLINE PacketVector() : ZeroTier::FCV() - { - } + ZT_INLINE PacketVector() : ZeroTier::FCV() {} ZT_INLINE unsigned int totalSize() const noexcept { @@ -183,12 +170,12 @@ class Buf { * @param b Destination buffer * @return Size of data in destination or -1 on error */ - ZT_INLINE int mergeCopy(Buf& b) const noexcept + ZT_INLINE int mergeCopy(Buf &b) const noexcept { unsigned int size = 0; for (PacketVector::const_iterator s(begin()); s != end(); ++s) { const unsigned int start = s->s; - const unsigned int rem = s->e - start; + const unsigned int rem = s->e - start; if (likely((size + rem) <= ZT_BUF_MEM_SIZE)) { Utils::copy(b.unsafeData + size, s->b->unsafeData + start, rem); size += rem; @@ -211,12 +198,13 @@ class Buf { * @tparam F Type of copyFunction (typically inferred) * @return Size of data in destination or -1 on error */ - template ZT_INLINE int mergeMap(Buf& b, const unsigned int simpleCopyBefore, F copyFunction) const noexcept + template + ZT_INLINE int mergeMap(Buf &b, const unsigned int simpleCopyBefore, F copyFunction) const noexcept { unsigned int size = 0; for (PacketVector::const_iterator s(begin()); s != end(); ++s) { unsigned int start = s->s; - unsigned int rem = s->e - start; + unsigned int rem = s->e - start; if (likely((size + rem) <= ZT_BUF_MEM_SIZE)) { if (size < simpleCopyBefore) { unsigned int sc = simpleCopyBefore - size; @@ -243,28 +231,22 @@ class Buf { /** * Create a new uninitialized buffer with undefined contents (use clear() to zero if needed) */ - ZT_INLINE Buf() noexcept - : __nextInPool(0) - , __refCount(0) - { - } + ZT_INLINE Buf() noexcept : __nextInPool(0), __refCount(0) {} /** * Create a new buffer and copy data into it */ - ZT_INLINE Buf(const void* const data, const unsigned int len) noexcept : __refCount(0) + ZT_INLINE Buf(const void *const data, const unsigned int len) noexcept : __refCount(0) { Utils::copy(unsafeData, data, len); } - ZT_INLINE Buf(const Buf& b2) noexcept - : __nextInPool(0) - , __refCount(0) + ZT_INLINE Buf(const Buf &b2) noexcept : __nextInPool(0), __refCount(0) { Utils::copy(unsafeData, b2.unsafeData); } - ZT_INLINE Buf& operator=(const Buf& b2) noexcept + ZT_INLINE Buf &operator=(const Buf &b2) noexcept { if (this != &b2) Utils::copy(unsafeData, b2.unsafeData); @@ -280,10 +262,7 @@ class Buf { * @param ii Iterator to check * @return True if iterator has read past the size of the buffer */ - static ZT_INLINE bool writeOverflow(const int& ii) noexcept - { - return ((ii - ZT_BUF_MEM_SIZE) > 0); - } + static ZT_INLINE bool writeOverflow(const int &ii) noexcept { return ((ii - ZT_BUF_MEM_SIZE) > 0); } /** * Check for overflow beyond the size of the data that should be in the buffer @@ -295,7 +274,7 @@ class Buf { * @param size Size of data that should be in buffer * @return True if iterator has read past the size of the data */ - static ZT_INLINE bool readOverflow(const int& ii, const unsigned int size) noexcept + static ZT_INLINE bool readOverflow(const int &ii, const unsigned int size) noexcept { return ((ii - (int)size) > 0); } @@ -303,10 +282,7 @@ class Buf { /** * Set all memory to zero */ - ZT_INLINE void clear() noexcept - { - Utils::zero(unsafeData); - } + ZT_INLINE void clear() noexcept { Utils::zero(unsafeData); } /** * Read a byte @@ -314,7 +290,7 @@ class Buf { * @param ii Index value-result parameter (incremented by 1) * @return Byte (undefined on overflow) */ - ZT_INLINE uint8_t rI8(int& ii) const noexcept + ZT_INLINE uint8_t rI8(int &ii) const noexcept { const int s = ii++; return unsafeData[(unsigned int)s & ZT_BUF_MEM_MASK]; @@ -326,14 +302,14 @@ class Buf { * @param ii Index value-result parameter (incremented by 2) * @return Integer (undefined on overflow) */ - ZT_INLINE uint16_t rI16(int& ii) const noexcept + ZT_INLINE uint16_t rI16(int &ii) const noexcept { const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK; ii += 2; #ifdef ZT_NO_UNALIGNED_ACCESS return (((uint16_t)unsafeData[s] << 8U) | (uint16_t)unsafeData[s + 1]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + s)); + return Utils::ntoh(*reinterpret_cast(unsafeData + s)); #endif } @@ -343,14 +319,16 @@ class Buf { * @param ii Index value-result parameter (incremented by 4) * @return Integer (undefined on overflow) */ - ZT_INLINE uint32_t rI32(int& ii) const noexcept + ZT_INLINE uint32_t rI32(int &ii) const noexcept { const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK; ii += 4; #ifdef ZT_NO_UNALIGNED_ACCESS - return (((uint32_t)unsafeData[s] << 24U) | ((uint32_t)unsafeData[s + 1] << 16U) | ((uint32_t)unsafeData[s + 2] << 8U) | (uint32_t)unsafeData[s + 3]); + return ( + ((uint32_t)unsafeData[s] << 24U) | ((uint32_t)unsafeData[s + 1] << 16U) + | ((uint32_t)unsafeData[s + 2] << 8U) | (uint32_t)unsafeData[s + 3]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + s)); + return Utils::ntoh(*reinterpret_cast(unsafeData + s)); #endif } @@ -360,16 +338,18 @@ class Buf { * @param ii Index value-result parameter (incremented by 8) * @return Integer (undefined on overflow) */ - ZT_INLINE uint64_t rI64(int& ii) const noexcept + ZT_INLINE uint64_t rI64(int &ii) const noexcept { const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK; ii += 8; #ifdef ZT_NO_UNALIGNED_ACCESS return ( - ((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) | ((uint64_t)unsafeData[s + 2] << 40U) | ((uint64_t)unsafeData[s + 3] << 32U) | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U) + ((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) + | ((uint64_t)unsafeData[s + 2] << 40U) | ((uint64_t)unsafeData[s + 3] << 32U) + | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U) | ((uint64_t)unsafeData[s + 6] << 8U) | (uint64_t)unsafeData[s + 7]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + s)); + return Utils::ntoh(*reinterpret_cast(unsafeData + s)); #endif } @@ -388,7 +368,7 @@ class Buf { * @param obj Object to read * @return Bytes read or a negative value on unmarshal error (passed from object) or overflow */ - template ZT_INLINE int rO(int& ii, T& obj) const noexcept + template ZT_INLINE int rO(int &ii, T &obj) const noexcept { if (likely(ii < ZT_BUF_MEM_SIZE)) { int ms = obj.unmarshal(unsafeData + ii, ZT_BUF_MEM_SIZE - ii); @@ -410,10 +390,10 @@ class Buf { * @param bufSize Capacity of buffer in bytes * @return Pointer to buf or NULL on overflow or error */ - ZT_INLINE char* rS(int& ii, char* const buf, const unsigned int bufSize) const noexcept + ZT_INLINE char *rS(int &ii, char *const buf, const unsigned int bufSize) const noexcept { - const char* const s = (const char*)(unsafeData + ii); - const int sii = ii; + const char *const s = (const char *)(unsafeData + ii); + const int sii = ii; while (ii < ZT_BUF_MEM_SIZE) { if (unsafeData[ii++] == 0) { const int l = ii - sii; @@ -439,9 +419,9 @@ class Buf { * @param ii Index value-result parameter (incremented by length of string) * @return Pointer to null-terminated C-style string or NULL on overflow or error */ - ZT_INLINE const char* rSnc(int& ii) const noexcept + ZT_INLINE const char *rSnc(int &ii) const noexcept { - const char* const s = (const char*)(unsafeData + ii); + const char *const s = (const char *)(unsafeData + ii); while (ii < ZT_BUF_MEM_SIZE) { if (unsafeData[ii++] == 0) return s; @@ -460,11 +440,11 @@ class Buf { * @param len Length of buffer * @return Pointer to data or NULL on overflow or error */ - ZT_INLINE uint8_t* rB(int& ii, void* const bytes, const unsigned int len) const noexcept + ZT_INLINE uint8_t *rB(int &ii, void *const bytes, const unsigned int len) const noexcept { if (likely(((ii += (int)len) <= ZT_BUF_MEM_SIZE))) { Utils::copy(bytes, unsafeData + ii, len); - return reinterpret_cast(bytes); + return reinterpret_cast(bytes); } return nullptr; } @@ -482,9 +462,9 @@ class Buf { * @param len Length of data field to obtain a pointer to * @return Pointer to field or NULL on overflow */ - ZT_INLINE const uint8_t* rBnc(int& ii, unsigned int len) const noexcept + ZT_INLINE const uint8_t *rBnc(int &ii, unsigned int len) const noexcept { - const uint8_t* const b = unsafeData + ii; + const uint8_t *const b = unsafeData + ii; return ((ii += (int)len) <= ZT_BUF_MEM_SIZE) ? b : nullptr; } @@ -512,7 +492,7 @@ class Buf { #ifdef ZT_NO_UNALIGNED_ACCESS return (((uint16_t)unsafeData[I] << 8U) | (uint16_t)unsafeData[I + 1]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + I)); + return Utils::ntoh(*reinterpret_cast(unsafeData + I)); #endif } @@ -526,9 +506,11 @@ class Buf { { static_assert((I + 3) < ZT_BUF_MEM_SIZE, "overflow"); #ifdef ZT_NO_UNALIGNED_ACCESS - return (((uint32_t)unsafeData[I] << 24U) | ((uint32_t)unsafeData[I + 1] << 16U) | ((uint32_t)unsafeData[I + 2] << 8U) | (uint32_t)unsafeData[I + 3]); + return ( + ((uint32_t)unsafeData[I] << 24U) | ((uint32_t)unsafeData[I + 1] << 16U) + | ((uint32_t)unsafeData[I + 2] << 8U) | (uint32_t)unsafeData[I + 3]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + I)); + return Utils::ntoh(*reinterpret_cast(unsafeData + I)); #endif } @@ -543,10 +525,12 @@ class Buf { static_assert((I + 7) < ZT_BUF_MEM_SIZE, "overflow"); #ifdef ZT_NO_UNALIGNED_ACCESS return ( - ((uint64_t)unsafeData[I] << 56U) | ((uint64_t)unsafeData[I + 1] << 48U) | ((uint64_t)unsafeData[I + 2] << 40U) | ((uint64_t)unsafeData[I + 3] << 32U) | ((uint64_t)unsafeData[I + 4] << 24U) | ((uint64_t)unsafeData[I + 5] << 16U) + ((uint64_t)unsafeData[I] << 56U) | ((uint64_t)unsafeData[I + 1] << 48U) + | ((uint64_t)unsafeData[I + 2] << 40U) | ((uint64_t)unsafeData[I + 3] << 32U) + | ((uint64_t)unsafeData[I + 4] << 24U) | ((uint64_t)unsafeData[I + 5] << 16U) | ((uint64_t)unsafeData[I + 6] << 8U) | (uint64_t)unsafeData[I + 7]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + I)); + return Utils::ntoh(*reinterpret_cast(unsafeData + I)); #endif } @@ -557,10 +541,7 @@ class Buf { * will not necessarily result in a 'true' return from readOverflow(). It does * however subject 'ii' to soft bounds masking like the gI??() methods. */ - ZT_INLINE uint8_t lI8(const int ii) const noexcept - { - return unsafeData[(unsigned int)ii & ZT_BUF_MEM_MASK]; - } + ZT_INLINE uint8_t lI8(const int ii) const noexcept { return unsafeData[(unsigned int)ii & ZT_BUF_MEM_MASK]; } /** * Load a value at an index without advancing the index @@ -575,7 +556,7 @@ class Buf { #ifdef ZT_NO_UNALIGNED_ACCESS return (((uint16_t)unsafeData[s] << 8U) | (uint16_t)unsafeData[s + 1]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + s)); + return Utils::ntoh(*reinterpret_cast(unsafeData + s)); #endif } @@ -590,9 +571,11 @@ class Buf { { const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK; #ifdef ZT_NO_UNALIGNED_ACCESS - return (((uint32_t)unsafeData[s] << 24U) | ((uint32_t)unsafeData[s + 1] << 16U) | ((uint32_t)unsafeData[s + 2] << 8U) | (uint32_t)unsafeData[s + 3]); + return ( + ((uint32_t)unsafeData[s] << 24U) | ((uint32_t)unsafeData[s + 1] << 16U) + | ((uint32_t)unsafeData[s + 2] << 8U) | (uint32_t)unsafeData[s + 3]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + s)); + return Utils::ntoh(*reinterpret_cast(unsafeData + s)); #endif } @@ -608,10 +591,12 @@ class Buf { const unsigned int s = (unsigned int)ii & ZT_BUF_MEM_MASK; #ifdef ZT_NO_UNALIGNED_ACCESS return ( - ((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) | ((uint64_t)unsafeData[s + 2] << 40U) | ((uint64_t)unsafeData[s + 3] << 32U) | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U) + ((uint64_t)unsafeData[s] << 56U) | ((uint64_t)unsafeData[s + 1] << 48U) + | ((uint64_t)unsafeData[s + 2] << 40U) | ((uint64_t)unsafeData[s + 3] << 32U) + | ((uint64_t)unsafeData[s + 4] << 24U) | ((uint64_t)unsafeData[s + 5] << 16U) | ((uint64_t)unsafeData[s + 6] << 8U) | (uint64_t)unsafeData[s + 7]); #else - return Utils::ntoh(*reinterpret_cast(unsafeData + s)); + return Utils::ntoh(*reinterpret_cast(unsafeData + s)); #endif } @@ -621,9 +606,9 @@ class Buf { * @param ii Index value-result parameter (incremented by 1) * @param n Byte */ - ZT_INLINE void wI8(int& ii, const uint8_t n) noexcept + ZT_INLINE void wI8(int &ii, const uint8_t n) noexcept { - const int s = ii++; + const int s = ii++; unsafeData[(unsigned int)s & ZT_BUF_MEM_MASK] = n; } @@ -633,15 +618,15 @@ class Buf { * @param ii Index value-result parameter (incremented by 2) * @param n Integer */ - ZT_INLINE void wI16(int& ii, const uint16_t n) noexcept + ZT_INLINE void wI16(int &ii, const uint16_t n) noexcept { const unsigned int s = ((unsigned int)ii) & ZT_BUF_MEM_MASK; ii += 2; #ifdef ZT_NO_UNALIGNED_ACCESS - unsafeData[s] = (uint8_t)(n >> 8U); + unsafeData[s] = (uint8_t)(n >> 8U); unsafeData[s + 1] = (uint8_t)n; #else - *reinterpret_cast(unsafeData + s) = Utils::hton(n); + *reinterpret_cast(unsafeData + s) = Utils::hton(n); #endif } @@ -651,17 +636,17 @@ class Buf { * @param ii Index value-result parameter (incremented by 4) * @param n Integer */ - ZT_INLINE void wI32(int& ii, const uint32_t n) noexcept + ZT_INLINE void wI32(int &ii, const uint32_t n) noexcept { const unsigned int s = ((unsigned int)ii) & ZT_BUF_MEM_MASK; ii += 4; #ifdef ZT_NO_UNALIGNED_ACCESS - unsafeData[s] = (uint8_t)(n >> 24U); + unsafeData[s] = (uint8_t)(n >> 24U); unsafeData[s + 1] = (uint8_t)(n >> 16U); unsafeData[s + 2] = (uint8_t)(n >> 8U); unsafeData[s + 3] = (uint8_t)n; #else - *reinterpret_cast(unsafeData + s) = Utils::hton(n); + *reinterpret_cast(unsafeData + s) = Utils::hton(n); #endif } @@ -671,12 +656,12 @@ class Buf { * @param ii Index value-result parameter (incremented by 8) * @param n Integer */ - ZT_INLINE void wI64(int& ii, const uint64_t n) noexcept + ZT_INLINE void wI64(int &ii, const uint64_t n) noexcept { const unsigned int s = ((unsigned int)ii) & ZT_BUF_MEM_MASK; ii += 8; #ifdef ZT_NO_UNALIGNED_ACCESS - unsafeData[s] = (uint8_t)(n >> 56U); + unsafeData[s] = (uint8_t)(n >> 56U); unsafeData[s + 1] = (uint8_t)(n >> 48U); unsafeData[s + 2] = (uint8_t)(n >> 40U); unsafeData[s + 3] = (uint8_t)(n >> 32U); @@ -685,7 +670,7 @@ class Buf { unsafeData[s + 6] = (uint8_t)(n >> 8U); unsafeData[s + 7] = (uint8_t)n; #else - *reinterpret_cast(unsafeData + s) = Utils::hton(n); + *reinterpret_cast(unsafeData + s) = Utils::hton(n); #endif } @@ -696,7 +681,7 @@ class Buf { * @param ii Index value-result parameter (incremented by size of object) * @param t Object to write */ - template ZT_INLINE void wO(int& ii, T& t) noexcept + template ZT_INLINE void wO(int &ii, T &t) noexcept { const int s = ii; if (likely((s + T::marshalSizeMax()) <= ZT_BUF_MEM_SIZE)) { @@ -715,7 +700,7 @@ class Buf { * @param ii Index value-result parameter (incremented by length of string) * @param s String to write (writes an empty string if this is NULL) */ - ZT_INLINE void wS(int& ii, const char* s) noexcept + ZT_INLINE void wS(int &ii, const char *s) noexcept { if (s) { char c; @@ -736,7 +721,7 @@ class Buf { * @param bytes Bytes to write * @param len Size of data in bytes */ - ZT_INLINE void wB(int& ii, const void* const bytes, const unsigned int len) noexcept + ZT_INLINE void wB(int &ii, const void *const bytes, const unsigned int len) noexcept { const int s = ii; if (likely((ii += (int)len) <= ZT_BUF_MEM_SIZE)) @@ -749,7 +734,7 @@ class Buf { * @param ii Index value-result parameter (incremented by len) * @param len Number of zero bytes to write */ - ZT_INLINE void wZ(int& ii, const unsigned int len) noexcept + ZT_INLINE void wZ(int &ii, const unsigned int len) noexcept { const int s = ii; if (likely((ii += (int)len) <= ZT_BUF_MEM_SIZE)) @@ -762,7 +747,7 @@ class Buf { * @param ii Index value-result parameter (incremented by len) * @param len Number of random bytes to write */ - ZT_INLINE void wR(int& ii, const unsigned int len) noexcept + ZT_INLINE void wR(int &ii, const unsigned int len) noexcept { const int s = ii; if (likely((ii += (int)len) <= ZT_BUF_MEM_SIZE)) @@ -772,10 +757,7 @@ class Buf { /** * Store a byte without advancing the index */ - ZT_INLINE void sI8(const int ii, const uint8_t n) noexcept - { - unsafeData[(unsigned int)ii & ZT_BUF_MEM_MASK] = n; - } + ZT_INLINE void sI8(const int ii, const uint8_t n) noexcept { unsafeData[(unsigned int)ii & ZT_BUF_MEM_MASK] = n; } /** * Store an integer without advancing the index @@ -784,10 +766,10 @@ class Buf { { const unsigned int s = ((unsigned int)ii) & ZT_BUF_MEM_MASK; #ifdef ZT_NO_UNALIGNED_ACCESS - unsafeData[s] = (uint8_t)(n >> 8U); + unsafeData[s] = (uint8_t)(n >> 8U); unsafeData[s + 1] = (uint8_t)n; #else - *reinterpret_cast(unsafeData + s) = Utils::hton(n); + *reinterpret_cast(unsafeData + s) = Utils::hton(n); #endif } @@ -798,12 +780,12 @@ class Buf { { const unsigned int s = ((unsigned int)ii) & ZT_BUF_MEM_MASK; #ifdef ZT_NO_UNALIGNED_ACCESS - unsafeData[s] = (uint8_t)(n >> 24U); + unsafeData[s] = (uint8_t)(n >> 24U); unsafeData[s + 1] = (uint8_t)(n >> 16U); unsafeData[s + 2] = (uint8_t)(n >> 8U); unsafeData[s + 3] = (uint8_t)n; #else - *reinterpret_cast(unsafeData + s) = Utils::hton(n); + *reinterpret_cast(unsafeData + s) = Utils::hton(n); #endif } @@ -814,7 +796,7 @@ class Buf { { const unsigned int s = ((unsigned int)ii) & ZT_BUF_MEM_MASK; #ifdef ZT_NO_UNALIGNED_ACCESS - unsafeData[s] = (uint8_t)(n >> 56U); + unsafeData[s] = (uint8_t)(n >> 56U); unsafeData[s + 1] = (uint8_t)(n >> 48U); unsafeData[s + 2] = (uint8_t)(n >> 40U); unsafeData[s + 3] = (uint8_t)(n >> 32U); @@ -823,17 +805,14 @@ class Buf { unsafeData[s + 6] = (uint8_t)(n >> 8U); unsafeData[s + 7] = (uint8_t)n; #else - *reinterpret_cast(unsafeData + s) = Utils::hton(n); + *reinterpret_cast(unsafeData + s) = Utils::hton(n); #endif } /** * @return Capacity of this buffer (usable size of data.bytes) */ - static constexpr unsigned int capacity() noexcept - { - return ZT_BUF_MEM_SIZE; - } + static constexpr unsigned int capacity() noexcept { return ZT_BUF_MEM_SIZE; } private: volatile uintptr_t __nextInPool; diff --git a/core/C25519.cpp b/core/C25519.cpp index 12fd37982..09ac05a79 100644 --- a/core/C25519.cpp +++ b/core/C25519.cpp @@ -27,7 +27,6 @@ namespace { // -------------------------------------------------------------------------------------------------------------------- -#define crypto_uint32 uint32_t #define crypto_hash_sha512_BYTES 64 typedef uint8_t u8; typedef int32_t s32; @@ -168,7 +167,7 @@ ZT_INLINE limb div_by_2_25(const limb v) return (v + roundoff) >> 25; } -void freduce_coefficients(limb *output) +ZT_INLINE void freduce_coefficients(limb *output) { output[10] = 0; for (int i = 0; i < 10; i += 2) { @@ -183,11 +182,9 @@ void freduce_coefficients(limb *output) output[0] += output[10] << 1; output[0] += output[10]; output[10] = 0; - { - limb over = div_by_2_26(output[0]); - output[0] -= over << 26; - output[1] += over; - } + limb over = div_by_2_26(output[0]); + output[0] -= over << 26; + output[1] += over; } ZT_INLINE void fmul(limb *output, const limb *in, const limb *in2) @@ -591,11 +588,11 @@ ZT_INLINE void crypto_scalarmult_base(unsigned char *q, const unsigned char *n) // Ed25519 ref from: http://bench.cr.yp.to/supercop.html typedef struct { - crypto_uint32 v[32]; + uint32_t v[32]; } fe25519; typedef struct { - crypto_uint32 v[32]; + uint32_t v[32]; } sc25519; typedef struct { @@ -618,15 +615,15 @@ typedef struct { void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y); -ZT_INLINE crypto_uint32 equal(crypto_uint32 a, crypto_uint32 b) +ZT_INLINE uint32_t equal(uint32_t a, uint32_t b) { - crypto_uint32 x = a ^ b; + uint32_t x = a ^ b; x -= 1; x >>= 31; return x; } -ZT_INLINE crypto_uint32 ge(crypto_uint32 a, crypto_uint32 b) +ZT_INLINE uint32_t ge(uint32_t a, uint32_t b) { unsigned int x = a; x -= (unsigned int)b; @@ -635,13 +632,13 @@ ZT_INLINE crypto_uint32 ge(crypto_uint32 a, crypto_uint32 b) return x; } -ZT_INLINE crypto_uint32 times19(crypto_uint32 a) { return (a << 4) + (a << 1) + a; } -ZT_INLINE crypto_uint32 times38(crypto_uint32 a) { return (a << 5) + (a << 2) + (a << 1); } +ZT_INLINE uint32_t times19(uint32_t a) { return (a << 4) + (a << 1) + a; } +ZT_INLINE uint32_t times38(uint32_t a) { return (a << 5) + (a << 2) + (a << 1); } void reduce_add_sub(fe25519 *r) { for (int rep = 0; rep < 4; rep++) { - crypto_uint32 t = r->v[31] >> 7; + uint32_t t = r->v[31] >> 7; r->v[31] &= 127; t = times19(t); r->v[0] += t; @@ -656,7 +653,7 @@ void reduce_add_sub(fe25519 *r) ZT_INLINE void reduce_mul(fe25519 *r) { for (int rep = 0; rep < 2; rep++) { - crypto_uint32 t = r->v[31] >> 7; + uint32_t t = r->v[31] >> 7; r->v[31] &= 127; t = times19(t); r->v[0] += t; @@ -670,7 +667,7 @@ ZT_INLINE void reduce_mul(fe25519 *r) void fe25519_freeze(fe25519 *r) { - crypto_uint32 mm = equal(r->v[31], 127); + uint32_t mm = equal(r->v[31], 127); for (int i = 30; i > 0; i--) mm &= equal(r->v[i], 255); mm &= ge(r->v[0], 237); @@ -711,8 +708,8 @@ ZT_INLINE int fe25519_iseq_vartime(const fe25519 *x, const fe25519 *y) ZT_INLINE void fe25519_cmov(fe25519 *r, const fe25519 *x, unsigned char b) { - crypto_uint32 mask = b; - mask = -mask; + uint32_t mask = b; + mask = -mask; for (int i = 0; i < 32; i++) r->v[i] ^= mask & (x->v[i] ^ r->v[i]); } @@ -755,7 +752,7 @@ ZT_INLINE void fe25519_add(fe25519 *r, const fe25519 *x, const fe25519 *y) void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y) { - crypto_uint32 t[32]; + uint32_t t[32]; t[0] = x->v[0] + 0x1da; t[31] = x->v[31] + 0xfe; for (int i = 1; i < 31; i++) @@ -767,7 +764,7 @@ void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y) void fe25519_mul(fe25519 *r, const fe25519 *x, const fe25519 *y) { - crypto_uint32 t[63]; + uint32_t t[63]; for (int i = 0; i < 63; i++) t[i] = 0; for (int i = 0; i < 32; i++) { @@ -891,14 +888,15 @@ ZT_INLINE void fe25519_pow2523(fe25519 *r, const fe25519 *x) fe25519_mul(r, &t, x); } -const crypto_uint32 m[32] = { 0xED, 0xD3, 0xF5, 0x5C, 0x1A, 0x63, 0x12, 0x58, 0xD6, 0x9C, 0xF7, - 0xA2, 0xDE, 0xF9, 0xDE, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 }; -const crypto_uint32 mu[33] = { 0x1B, 0x13, 0x2C, 0x0A, 0xA3, 0xE5, 0x9C, 0xED, 0xA7, 0x29, 0x63, - 0x08, 0x5D, 0x21, 0x06, 0x21, 0xEB, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0F }; +const uint32_t m[32] = { + 0xED, 0xD3, 0xF5, 0x5C, 0x1A, 0x63, 0x12, 0x58, 0xD6, 0x9C, 0xF7, 0xA2, 0xDE, 0xF9, 0xDE, 0x14, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 +}; +const uint32_t mu[33] = { 0x1B, 0x13, 0x2C, 0x0A, 0xA3, 0xE5, 0x9C, 0xED, 0xA7, 0x29, 0x63, + 0x08, 0x5D, 0x21, 0x06, 0x21, 0xEB, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0F }; -ZT_INLINE crypto_uint32 lt(crypto_uint32 a, crypto_uint32 b) /* 16-bit inputs */ +ZT_INLINE uint32_t lt(uint32_t a, uint32_t b) /* 16-bit inputs */ { unsigned int x = a; x -= (unsigned int)b; /* 0..65535: no; 4294901761..4294967295: yes */ @@ -908,9 +906,9 @@ ZT_INLINE crypto_uint32 lt(crypto_uint32 a, crypto_uint32 b) /* 16-bit inputs */ void reduce_add_sub(sc25519 *r) { - crypto_uint32 pb = 0; - crypto_uint32 b; - crypto_uint32 mask; + uint32_t pb = 0; + uint32_t b; + uint32_t mask; int i; unsigned char t[32]; @@ -925,15 +923,15 @@ void reduce_add_sub(sc25519 *r) r->v[i] ^= mask & (r->v[i] ^ t[i]); } -void barrett_reduce(sc25519 *r, const crypto_uint32 x[64]) +void barrett_reduce(sc25519 *r, const uint32_t x[64]) { /* See HAC, Alg. 14.42 */ int i, j; - crypto_uint32 q2[66]; - crypto_uint32 *q3 = q2 + 33; - crypto_uint32 r1[33]; - crypto_uint32 r2[33]; - crypto_uint32 pb = 0; + uint32_t q2[66]; + uint32_t *q3 = q2 + 33; + uint32_t r1[33]; + uint32_t r2[33]; + uint32_t pb = 0; Utils::zero(q2); // for (i = 0;i < 66;++i) q2[i] = 0; @@ -961,9 +959,9 @@ void barrett_reduce(sc25519 *r, const crypto_uint32 x[64]) for (i = 0; i < 32; i++) { pb += r2[i]; - crypto_uint32 b = lt(r1[i], pb); - r->v[i] = r1[i] - pb + (b << 8); - pb = b; + uint32_t b = lt(r1[i], pb); + r->v[i] = r1[i] - pb + (b << 8); + pb = b; } reduce_add_sub(r); @@ -973,7 +971,7 @@ void barrett_reduce(sc25519 *r, const crypto_uint32 x[64]) ZT_INLINE void sc25519_from32bytes(sc25519 *r, const unsigned char x[32]) { int i; - crypto_uint32 t[64]; + uint32_t t[64]; for (i = 0; i < 32; i++) t[i] = x[i]; for (i = 32; i < 64; ++i) @@ -984,7 +982,7 @@ ZT_INLINE void sc25519_from32bytes(sc25519 *r, const unsigned char x[32]) ZT_INLINE void sc25519_from64bytes(sc25519 *r, const unsigned char x[64]) { int i; - crypto_uint32 t[64]; + uint32_t t[64]; for (i = 0; i < 64; i++) t[i] = x[i]; barrett_reduce(r, t); @@ -1012,7 +1010,7 @@ ZT_INLINE void sc25519_add(sc25519 *r, const sc25519 *x, const sc25519 *y) ZT_INLINE void sc25519_mul(sc25519 *r, const sc25519 *x, const sc25519 *y) { int i, j; - crypto_uint32 t[64]; + uint32_t t[64]; for (i = 0; i < 64; i++) t[i] = 0; @@ -1077,16 +1075,16 @@ ZT_INLINE void sc25519_2interleave2(unsigned char r[127], const sc25519 *s1, con r[126] = ((s1->v[31] >> 4) & 3) ^ (((s2->v[31] >> 4) & 3) << 2); } -static const fe25519 ge25519_ecd = { { 0xA3, 0x78, 0x59, 0x13, 0xCA, 0x4D, 0xEB, 0x75, 0xAB, 0xD8, 0x41, +static const fe25519 ge25519_ecd = { { 0xA3, 0x78, 0x59, 0x13, 0xCA, 0x4D, 0xEB, 0x75, 0xAB, 0xD8, 0x41, 0x41, 0x4D, 0x0A, 0x70, 0x00, 0x98, 0xE8, 0x79, 0x77, 0x79, 0x40, 0xC7, 0x8C, 0x73, 0xFE, 0x6F, 0x2B, 0xEE, 0x6C, 0x03, 0x52 } }; -static const fe25519 ge25519_ec2d = { { 0x59, 0xF1, 0xB2, 0x26, 0x94, 0x9B, 0xD6, 0xEB, 0x56, 0xB1, 0x83, +static const fe25519 ge25519_ec2d = { { 0x59, 0xF1, 0xB2, 0x26, 0x94, 0x9B, 0xD6, 0xEB, 0x56, 0xB1, 0x83, 0x82, 0x9A, 0x14, 0xE0, 0x00, 0x30, 0xD1, 0xF3, 0xEE, 0xF2, 0x80, 0x8E, 0x19, 0xE7, 0xFC, 0xDF, 0x56, 0xDC, 0xD9, 0x06, 0x24 } }; static const fe25519 ge25519_sqrtm1 = { { 0xB0, 0xA0, 0x0E, 0x4A, 0x27, 0x1B, 0xEE, 0xC4, 0x78, 0xE4, 0x2F, 0xAD, 0x06, 0x18, 0x43, 0x2F, 0xA7, 0xD7, 0xFB, 0x3D, 0x99, 0x00, 0x4D, 0x2B, 0x0B, 0xDF, 0xC1, 0x4F, 0x80, 0x24, 0x83, 0x2B } }; -static const ge25519 ge25519_base = { +static const ge25519 ge25519_base = { { { 0x1A, 0xD5, 0x25, 0x8F, 0x60, 0x2D, 0x56, 0xC9, 0xB2, 0xA7, 0x25, 0x95, 0x60, 0xC7, 0x2C, 0x69, 0x5C, 0xDC, 0xD6, 0xFD, 0x31, 0xE2, 0xA4, 0xC0, 0xFE, 0x53, 0x6E, 0xCD, 0xD3, 0x36, 0x69, 0x21 } }, { { 0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, @@ -1094,7 +1092,8 @@ static const ge25519 ge25519_base = { { { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, { { 0xA3, 0xDD, 0xB7, 0xA5, 0xB3, 0x8A, 0xDE, 0x6D, 0xF5, 0x52, 0x51, 0x77, 0x80, 0x9F, 0xF0, 0x20, - 0x7D, 0xE3, 0xAB, 0x64, 0x8E, 0x4E, 0xEA, 0x66, 0x65, 0x76, 0x8B, 0xD7, 0x0F, 0x5F, 0x87, 0x67 } } }; + 0x7D, 0xE3, 0xAB, 0x64, 0x8E, 0x4E, 0xEA, 0x66, 0x65, 0x76, 0x8B, 0xD7, 0x0F, 0x5F, 0x87, 0x67 } } +}; static const ge25519_aff ge25519_base_multiples_affine[425] = { { { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } }, @@ -2886,7 +2885,7 @@ ZT_INLINE void cmov_aff(ge25519_aff *r, const ge25519_aff *p, unsigned char b) ZT_INLINE unsigned char equal(signed char b, signed char c) { unsigned char ub = b, uc = c, x = ub ^ uc; - crypto_uint32 y = x; + uint32_t y = x; y -= 1; y >>= 31; return (unsigned char)y; diff --git a/core/C25519.hpp b/core/C25519.hpp index 9cbe40fa1..3429d6003 100644 --- a/core/C25519.hpp +++ b/core/C25519.hpp @@ -40,12 +40,14 @@ class C25519 { /** * Generate a set of two 25519 keys: a C25519 ECDH key pair and an Ed25519 EDDSA key pair. */ - static void generateCombined(uint8_t pub[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE]); + static void generateCombined( + uint8_t pub[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE]); /** * Generate a C25519 ECDH key pair only. */ - static void generateC25519(uint8_t pub[ZT_C25519_ECDH_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_ECDH_PRIVATE_KEY_SIZE]); + static void + generateC25519(uint8_t pub[ZT_C25519_ECDH_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_ECDH_PRIVATE_KEY_SIZE]); /** * Generate a key pair satisfying a condition @@ -60,15 +62,17 @@ class C25519 { * @return Key pair where cond(kp) returns true * @tparam F Type of 'cond' */ - template static ZT_INLINE void generateSatisfying(F cond, uint8_t pub[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE]) + template + static ZT_INLINE void generateSatisfying( + F cond, uint8_t pub[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], uint8_t priv[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE]) { Utils::getSecureRandom(priv, ZT_C25519_COMBINED_PRIVATE_KEY_SIZE); s_calcPubED(pub, priv); // do Ed25519 key -- bytes 32-63 of pub and priv do { - ++(((uint64_t*)priv)[1]); - --(((uint64_t*)priv)[2]); + ++(((uint64_t *)priv)[1]); + --(((uint64_t *)priv)[2]); s_calcPubDH(pub, priv); // keep regenerating bytes 0-31 until satisfied - } while (! cond(pub)); + } while (!cond(pub)); } /** @@ -81,7 +85,9 @@ class C25519 { * @param their Their public key * @param rawkey Buffer to receive raw (not hashed) agreed upon key */ - static void agree(const uint8_t mine[ZT_C25519_ECDH_PRIVATE_KEY_SIZE], const uint8_t their[ZT_C25519_ECDH_PUBLIC_KEY_SIZE], uint8_t rawkey[ZT_C25519_ECDH_SHARED_SECRET_SIZE]); + static void agree( + const uint8_t mine[ZT_C25519_ECDH_PRIVATE_KEY_SIZE], const uint8_t their[ZT_C25519_ECDH_PUBLIC_KEY_SIZE], + uint8_t rawkey[ZT_C25519_ECDH_SHARED_SECRET_SIZE]); /** * Sign a message with a sender's key pair @@ -100,7 +106,9 @@ class C25519 { * @param len Length of message in bytes * @param signature Buffer to fill with signature -- MUST be 96 bytes in length */ - static void sign(const uint8_t myPrivate[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE], const uint8_t myPublic[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], const void* msg, unsigned int len, void* signature); + static void sign( + const uint8_t myPrivate[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE], + const uint8_t myPublic[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], const void *msg, unsigned int len, void *signature); /** * Verify a message's signature @@ -112,16 +120,18 @@ class C25519 { * @param siglen Length of signature in bytes * @return True if signature is valid and the message is authentic and unmodified */ - static bool verify(const uint8_t their[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], const void* msg, unsigned int len, const void* signature, unsigned int siglen); + static bool verify( + const uint8_t their[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE], const void *msg, unsigned int len, + const void *signature, unsigned int siglen); private: // derive first 32 bytes of kp.pub from first 32 bytes of kp.priv // this is the ECDH key - static void s_calcPubDH(uint8_t* pub, const uint8_t* priv); + static void s_calcPubDH(uint8_t *pub, const uint8_t *priv); // derive 2nd 32 bytes of kp.pub from 2nd 32 bytes of kp.priv // this is the Ed25519 sign/verify key - static void s_calcPubED(uint8_t* pub, const uint8_t* priv); + static void s_calcPubED(uint8_t *pub, const uint8_t *priv); }; } // namespace ZeroTier diff --git a/core/CAPI.cpp b/core/CAPI.cpp index 1d2ff834f..7cebd8b5c 100644 --- a/core/CAPI.cpp +++ b/core/CAPI.cpp @@ -29,10 +29,10 @@ extern "C" { // These macros make the idiom of passing buffers to outside code via the API work properly even // if the first address of Buf does not overlap with its data field, since the C++ standard does // not absolutely guarantee this. -#define ZT_PTRTOBUF(p) ((ZeroTier::Buf*)(((uintptr_t)(p)) - ((uintptr_t) & (((ZeroTier::Buf*)0)->unsafeData[0])))) -#define ZT_BUFTOPTR(b) ((void*)(&((b)->unsafeData[0]))) +#define ZT_PTRTOBUF(p) ((ZeroTier::Buf *)(((uintptr_t)(p)) - ((uintptr_t) & (((ZeroTier::Buf *)0)->unsafeData[0])))) +#define ZT_BUFTOPTR(b) ((void *)(&((b)->unsafeData[0]))) -ZT_MAYBE_UNUSED void* ZT_getBuffer() +ZT_MAYBE_UNUSED void *ZT_getBuffer() { // When external code requests a Buf, grab one from the pool (or freshly allocated) // and return it with its reference count left at zero. It's the responsibility of @@ -47,23 +47,23 @@ ZT_MAYBE_UNUSED void* ZT_getBuffer() } } -ZT_MAYBE_UNUSED void ZT_freeBuffer(void* b) +ZT_MAYBE_UNUSED void ZT_freeBuffer(void *b) { if (b) delete ZT_PTRTOBUF(b); } struct p_queryResultBase { - void (*freeFunction)(const void*); + void (*freeFunction)(const void *); }; -ZT_MAYBE_UNUSED void ZT_freeQueryResult(const void* qr) +ZT_MAYBE_UNUSED void ZT_freeQueryResult(const void *qr) { - if ((qr) && (reinterpret_cast(qr)->freeFunction)) - reinterpret_cast(qr)->freeFunction(qr); + if ((qr) && (reinterpret_cast(qr)->freeFunction)) + reinterpret_cast(qr)->freeFunction(qr); } -ZT_MAYBE_UNUSED void ZT_version(int* major, int* minor, int* revision, int* build) +ZT_MAYBE_UNUSED void ZT_version(int *major, int *minor, int *revision, int *build) { if (major) *major = ZEROTIER_VERSION_MAJOR; @@ -77,18 +77,19 @@ ZT_MAYBE_UNUSED void ZT_version(int* major, int* minor, int* revision, int* buil /********************************************************************************************************************/ -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_new(ZT_Node** node, int64_t clock, int64_t ticks, void* tptr, void* uptr, const struct ZT_Node_Callbacks* callbacks) +ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_new( + ZT_Node **node, int64_t clock, int64_t ticks, void *tptr, void *uptr, const struct ZT_Node_Callbacks *callbacks) { *node = nullptr; try { ZeroTier::CallContext cc(clock, ticks, tptr); - *node = reinterpret_cast(new ZeroTier::Node(uptr, callbacks, cc)); + *node = reinterpret_cast(new ZeroTier::Node(uptr, callbacks, cc)); return ZT_RESULT_OK; } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } - catch (std::runtime_error& exc) { + catch (std::runtime_error &exc) { return ZT_RESULT_FATAL_ERROR_DATA_STORE_FAILED; } catch (...) { @@ -96,26 +97,29 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_new(ZT_Node** node, int64_t clock, in } } -ZT_MAYBE_UNUSED void ZT_Node_delete(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr) +ZT_MAYBE_UNUSED void ZT_Node_delete(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - reinterpret_cast(node)->shutdown(cc); - delete (reinterpret_cast(node)); + reinterpret_cast(node)->shutdown(cc); + delete (reinterpret_cast(node)); } catch (...) { } } -ZT_MAYBE_UNUSED enum ZT_ResultCode -ZT_Node_processWirePacket(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, int64_t localSocket, const ZT_InetAddress* remoteAddress, const void* packetData, unsigned int packetLength, int isZtBuffer, volatile int64_t*) +ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processWirePacket( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, int64_t localSocket, const ZT_InetAddress *remoteAddress, + const void *packetData, unsigned int packetLength, int isZtBuffer, volatile int64_t *) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - ZeroTier::SharedPtr buf((isZtBuffer) ? ZT_PTRTOBUF(packetData) : new ZeroTier::Buf(packetData, packetLength & ZT_BUF_MEM_MASK)); - reinterpret_cast(node)->context().vl1->onRemotePacket(cc, localSocket, *ZeroTier::asInetAddress(remoteAddress), buf, packetLength); + ZeroTier::SharedPtr buf( + (isZtBuffer) ? ZT_PTRTOBUF(packetData) : new ZeroTier::Buf(packetData, packetLength & ZT_BUF_MEM_MASK)); + reinterpret_cast(node)->context().vl1->onRemotePacket( + cc, localSocket, *ZeroTier::asInetAddress(remoteAddress), buf, packetLength); } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -126,34 +130,26 @@ ZT_Node_processWirePacket(ZT_Node* node, int64_t clock, int64_t ticks, void* tpt } ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame( - ZT_Node* node, - int64_t clock, - int64_t ticks, - void* tptr, - uint64_t nwid, - uint64_t sourceMac, - uint64_t destMac, - unsigned int etherType, - unsigned int vlanId, - const void* frameData, - unsigned int frameLength, - int isZtBuffer, - volatile int64_t*) + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid, uint64_t sourceMac, uint64_t destMac, + unsigned int etherType, unsigned int vlanId, const void *frameData, unsigned int frameLength, int isZtBuffer, + volatile int64_t *) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - const ZeroTier::Context& ctx = reinterpret_cast(node)->context(); + const ZeroTier::Context &ctx = reinterpret_cast(node)->context(); ZeroTier::SharedPtr network(ctx.networks->get(nwid)); if (likely(network)) { - ZeroTier::SharedPtr buf((isZtBuffer) ? ZT_PTRTOBUF(frameData) : new ZeroTier::Buf(frameData, frameLength & ZT_BUF_MEM_MASK)); - ctx.vl2->onLocalEthernet(cc, network, ZeroTier::MAC(sourceMac), ZeroTier::MAC(destMac), etherType, vlanId, buf, frameLength); + ZeroTier::SharedPtr buf( + (isZtBuffer) ? ZT_PTRTOBUF(frameData) : new ZeroTier::Buf(frameData, frameLength & ZT_BUF_MEM_MASK)); + ctx.vl2->onLocalEthernet( + cc, network, ZeroTier::MAC(sourceMac), ZeroTier::MAC(destMac), etherType, vlanId, buf, frameLength); return ZT_RESULT_OK; } else { return ZT_RESULT_ERROR_NETWORK_NOT_FOUND; } } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -161,13 +157,14 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame( } } -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, volatile int64_t* nextBackgroundTaskDeadline) +ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processBackgroundTasks( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, volatile int64_t *nextBackgroundTaskDeadline) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->processBackgroundTasks(cc, nextBackgroundTaskDeadline); + return reinterpret_cast(node)->processBackgroundTasks(cc, nextBackgroundTaskDeadline); } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -175,13 +172,15 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node* node, } } -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_join(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void* uptr, uint64_t nwid, const ZT_Fingerprint* controllerFingerprint) +ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_join( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, void *uptr, uint64_t nwid, + const ZT_Fingerprint *controllerFingerprint) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->join(nwid, controllerFingerprint, uptr, cc); + return reinterpret_cast(node)->join(nwid, controllerFingerprint, uptr, cc); } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -189,13 +188,14 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_join(ZT_Node* node, int64_t clock, in } } -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_leave(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void** uptr, uint64_t nwid) +ZT_MAYBE_UNUSED enum ZT_ResultCode +ZT_Node_leave(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, void **uptr, uint64_t nwid) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->leave(nwid, uptr, cc); + return reinterpret_cast(node)->leave(nwid, uptr, cc); } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -203,13 +203,15 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_leave(ZT_Node* node, int64_t clock, i } } -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi) +ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastSubscribe( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid, uint64_t multicastGroup, + unsigned long multicastAdi) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->multicastSubscribe(cc, nwid, multicastGroup, multicastAdi); + return reinterpret_cast(node)->multicastSubscribe(cc, nwid, multicastGroup, multicastAdi); } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -217,13 +219,15 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node* node, int } } -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi) +ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastUnsubscribe( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid, uint64_t multicastGroup, + unsigned long multicastAdi) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->multicastUnsubscribe(cc, nwid, multicastGroup, multicastAdi); + return reinterpret_cast(node)->multicastUnsubscribe(cc, nwid, multicastGroup, multicastAdi); } - catch (std::bad_alloc& exc) { + catch (std::bad_alloc &exc) { return ZT_RESULT_FATAL_ERROR_OUT_OF_MEMORY; } catch (...) { @@ -231,121 +235,127 @@ ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node* node, i } } -ZT_MAYBE_UNUSED uint64_t ZT_Node_address(ZT_Node* node) +ZT_MAYBE_UNUSED uint64_t ZT_Node_address(ZT_Node *node) { - return reinterpret_cast(node)->context().identity.address().toInt(); + return reinterpret_cast(node)->context().identity.address().toInt(); } -ZT_MAYBE_UNUSED const ZT_Identity* ZT_Node_identity(ZT_Node* node) +ZT_MAYBE_UNUSED const ZT_Identity *ZT_Node_identity(ZT_Node *node) { - return (const ZT_Identity*)(&(reinterpret_cast(node)->identity())); + return (const ZT_Identity *)(&(reinterpret_cast(node)->identity())); } -ZT_MAYBE_UNUSED void ZT_Node_status(ZT_Node* node, int64_t, int64_t, void*, ZT_NodeStatus* status) +ZT_MAYBE_UNUSED void ZT_Node_status(ZT_Node *node, int64_t, int64_t, void *, ZT_NodeStatus *status) { try { - reinterpret_cast(node)->status(status); + reinterpret_cast(node)->status(status); } catch (...) { } } -ZT_MAYBE_UNUSED ZT_PeerList* ZT_Node_peers(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr) +ZT_MAYBE_UNUSED ZT_PeerList *ZT_Node_peers(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->peers(cc); + return reinterpret_cast(node)->peers(cc); } catch (...) { - return (ZT_PeerList*)0; + return (ZT_PeerList *)0; } } -ZT_MAYBE_UNUSED ZT_VirtualNetworkConfig* ZT_Node_networkConfig(ZT_Node* node, int64_t, int64_t, void*, uint64_t nwid) +ZT_MAYBE_UNUSED ZT_VirtualNetworkConfig *ZT_Node_networkConfig(ZT_Node *node, int64_t, int64_t, void *, uint64_t nwid) { try { - return reinterpret_cast(node)->networkConfig(nwid); + return reinterpret_cast(node)->networkConfig(nwid); } catch (...) { - return (ZT_VirtualNetworkConfig*)0; + return (ZT_VirtualNetworkConfig *)0; } } -ZT_MAYBE_UNUSED ZT_VirtualNetworkList* ZT_Node_networks(ZT_Node* node) +ZT_MAYBE_UNUSED ZT_VirtualNetworkList *ZT_Node_networks(ZT_Node *node) { try { - return reinterpret_cast(node)->networks(); + return reinterpret_cast(node)->networks(); } catch (...) { - return (ZT_VirtualNetworkList*)0; + return (ZT_VirtualNetworkList *)0; } } -ZT_MAYBE_UNUSED void ZT_Node_setNetworkUserPtr(ZT_Node* node, uint64_t nwid, void* ptr) +ZT_MAYBE_UNUSED void ZT_Node_setNetworkUserPtr(ZT_Node *node, uint64_t nwid, void *ptr) { try { - reinterpret_cast(node)->setNetworkUserPtr(nwid, ptr); + reinterpret_cast(node)->setNetworkUserPtr(nwid, ptr); } catch (...) { } } -ZT_MAYBE_UNUSED void ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t, int64_t, void*, const ZT_InterfaceAddress* addrs, unsigned int addrCount) +ZT_MAYBE_UNUSED void ZT_Node_setInterfaceAddresses( + ZT_Node *node, int64_t, int64_t, void *, const ZT_InterfaceAddress *addrs, unsigned int addrCount) { try { - reinterpret_cast(node)->setInterfaceAddresses(addrs, addrCount); + reinterpret_cast(node)->setInterfaceAddresses(addrs, addrCount); } catch (...) { } } -ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Node_addCertificate(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize) +ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Node_addCertificate( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, unsigned int localTrust, const ZT_Certificate *cert, + const void *certData, unsigned int certSize) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->addCertificate(cc, localTrust, cert, certData, certSize); + return reinterpret_cast(node)->addCertificate(cc, localTrust, cert, certData, certSize); } catch (...) { return ZT_CERTIFICATE_ERROR_INVALID_FORMAT; } } -ZT_MAYBE_UNUSED enum ZT_ResultCode ZT_Node_deleteCertificate(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, const void* serialNo) +ZT_MAYBE_UNUSED enum ZT_ResultCode +ZT_Node_deleteCertificate(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, const void *serialNo) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->deleteCertificate(cc, serialNo); + return reinterpret_cast(node)->deleteCertificate(cc, serialNo); } catch (...) { return ZT_RESULT_ERROR_INTERNAL; } } -ZT_MAYBE_UNUSED ZT_CertificateList* ZT_Node_listCertificates(ZT_Node* node, int64_t, int64_t, void*) +ZT_MAYBE_UNUSED ZT_CertificateList *ZT_Node_listCertificates(ZT_Node *node, int64_t, int64_t, void *) { try { - return reinterpret_cast(node)->listCertificates(); + return reinterpret_cast(node)->listCertificates(); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED int ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t dest, uint64_t typeId, const void* data, unsigned int len) +ZT_MAYBE_UNUSED int ZT_Node_sendUserMessage( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t dest, uint64_t typeId, const void *data, + unsigned int len) { try { ZeroTier::CallContext cc(clock, ticks, tptr); - return reinterpret_cast(node)->sendUserMessage(cc, dest, typeId, data, len); + return reinterpret_cast(node)->sendUserMessage(cc, dest, typeId, data, len); } catch (...) { return 0; } } -ZT_MAYBE_UNUSED void ZT_Node_setController(ZT_Node* node, void* networkControllerInstance) +ZT_MAYBE_UNUSED void ZT_Node_setController(ZT_Node *node, void *networkControllerInstance) { try { - reinterpret_cast(node)->setController(networkControllerInstance); + reinterpret_cast(node)->setController(networkControllerInstance); } catch (...) { } @@ -353,149 +363,157 @@ ZT_MAYBE_UNUSED void ZT_Node_setController(ZT_Node* node, void* networkControlle /********************************************************************************************************************/ -ZT_MAYBE_UNUSED ZT_Locator* ZT_Locator_create(int64_t rev, const ZT_Endpoint* endpoints, const ZT_EndpointAttributes*, unsigned int endpointCount, const ZT_Identity* signer) +ZT_MAYBE_UNUSED ZT_Locator *ZT_Locator_create( + int64_t rev, const ZT_Endpoint *endpoints, const ZT_EndpointAttributes *, unsigned int endpointCount, + const ZT_Identity *signer) { try { - if ((! endpoints) || (endpointCount == 0) || (! signer)) + if ((!endpoints) || (endpointCount == 0) || (!signer)) return nullptr; - ZeroTier::Locator* loc = new ZeroTier::Locator(); + ZeroTier::Locator *loc = new ZeroTier::Locator(); for (unsigned int i = 0; i < endpointCount; ++i) - loc->add(reinterpret_cast(endpoints)[i], ZeroTier::Locator::EndpointAttributes::DEFAULT); - if (! loc->sign(rev, *reinterpret_cast(signer))) { + loc->add( + reinterpret_cast(endpoints)[i], + ZeroTier::Locator::EndpointAttributes::DEFAULT); + if (!loc->sign(rev, *reinterpret_cast(signer))) { delete loc; return nullptr; } - return reinterpret_cast(loc); + return reinterpret_cast(loc); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED ZT_Locator* ZT_Locator_fromString(const char* str) +ZT_MAYBE_UNUSED ZT_Locator *ZT_Locator_fromString(const char *str) { try { - if (! str) + if (!str) return nullptr; - ZeroTier::Locator* loc = new ZeroTier::Locator(); - if (! loc->fromString(str)) { + ZeroTier::Locator *loc = new ZeroTier::Locator(); + if (!loc->fromString(str)) { delete loc; return nullptr; } - return reinterpret_cast(loc); + return reinterpret_cast(loc); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED ZT_Locator* ZT_Locator_unmarshal(const void* data, unsigned int len) +ZT_MAYBE_UNUSED ZT_Locator *ZT_Locator_unmarshal(const void *data, unsigned int len) { try { - if ((! data) || (len == 0)) + if ((!data) || (len == 0)) return nullptr; - ZeroTier::Locator* loc = new ZeroTier::Locator(); - if (loc->unmarshal(reinterpret_cast(data), (int)len) <= 0) { + ZeroTier::Locator *loc = new ZeroTier::Locator(); + if (loc->unmarshal(reinterpret_cast(data), (int)len) <= 0) { delete loc; return nullptr; } - return reinterpret_cast(loc); + return reinterpret_cast(loc); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED int ZT_Locator_marshal(const ZT_Locator* loc, void* buf, unsigned int bufSize) +ZT_MAYBE_UNUSED int ZT_Locator_marshal(const ZT_Locator *loc, void *buf, unsigned int bufSize) { - if ((! loc) || (bufSize < ZT_LOCATOR_MARSHAL_SIZE_MAX)) + if ((!loc) || (bufSize < ZT_LOCATOR_MARSHAL_SIZE_MAX)) return -1; - return reinterpret_cast(loc)->marshal(reinterpret_cast(buf), false); + return reinterpret_cast(loc)->marshal(reinterpret_cast(buf), false); } -ZT_MAYBE_UNUSED char* ZT_Locator_toString(const ZT_Locator* loc, char* buf, int capacity) +ZT_MAYBE_UNUSED char *ZT_Locator_toString(const ZT_Locator *loc, char *buf, int capacity) { - if ((! loc) || (capacity < ZT_LOCATOR_STRING_SIZE_MAX)) + if ((!loc) || (capacity < ZT_LOCATOR_STRING_SIZE_MAX)) return nullptr; - return reinterpret_cast(loc)->toString(buf); + return reinterpret_cast(loc)->toString(buf); } -ZT_MAYBE_UNUSED int64_t ZT_Locator_revision(const ZT_Locator* loc) +ZT_MAYBE_UNUSED int64_t ZT_Locator_revision(const ZT_Locator *loc) { - if (! loc) + if (!loc) return 0; - return reinterpret_cast(loc)->revision(); + return reinterpret_cast(loc)->revision(); } -ZT_MAYBE_UNUSED uint64_t ZT_Locator_signer(const ZT_Locator* loc) +ZT_MAYBE_UNUSED uint64_t ZT_Locator_signer(const ZT_Locator *loc) { - if (! loc) + if (!loc) return 0; - return reinterpret_cast(loc)->signer().toInt(); + return reinterpret_cast(loc)->signer().toInt(); } -ZT_MAYBE_UNUSED int ZT_Locator_equals(const ZT_Locator* a, const ZT_Locator* b) +ZT_MAYBE_UNUSED int ZT_Locator_equals(const ZT_Locator *a, const ZT_Locator *b) { if (a) { if (b) { - if (*reinterpret_cast(a) == *reinterpret_cast(b)) + if (*reinterpret_cast(a) == *reinterpret_cast(b)) return 1; } } - else if (! b) { + else if (!b) { return 1; } return 0; } -ZT_MAYBE_UNUSED unsigned int ZT_Locator_endpointCount(const ZT_Locator* loc) +ZT_MAYBE_UNUSED unsigned int ZT_Locator_endpointCount(const ZT_Locator *loc) { - return (loc) ? (unsigned int)(reinterpret_cast(loc)->endpoints().size()) : 0; + return (loc) ? (unsigned int)(reinterpret_cast(loc)->endpoints().size()) : 0; } -ZT_MAYBE_UNUSED const ZT_Endpoint* ZT_Locator_endpoint(const ZT_Locator* loc, const unsigned int ep) +ZT_MAYBE_UNUSED const ZT_Endpoint *ZT_Locator_endpoint(const ZT_Locator *loc, const unsigned int ep) { - if (! loc) + if (!loc) return nullptr; - if (ep >= (unsigned int)(reinterpret_cast(loc)->endpoints().size())) + if (ep >= (unsigned int)(reinterpret_cast(loc)->endpoints().size())) return nullptr; - return reinterpret_cast(&(reinterpret_cast(loc)->endpoints()[ep])); + return reinterpret_cast(&(reinterpret_cast(loc)->endpoints()[ep])); } -ZT_MAYBE_UNUSED int ZT_Locator_verify(const ZT_Locator* loc, const ZT_Identity* signer) +ZT_MAYBE_UNUSED int ZT_Locator_verify(const ZT_Locator *loc, const ZT_Identity *signer) { - if ((! loc) || (! signer)) + if ((!loc) || (!signer)) return 0; - return reinterpret_cast(loc)->verify(*reinterpret_cast(signer)) ? 1 : 0; + return reinterpret_cast(loc)->verify( + *reinterpret_cast(signer)) + ? 1 + : 0; } -ZT_MAYBE_UNUSED void ZT_Locator_delete(const ZT_Locator* loc) +ZT_MAYBE_UNUSED void ZT_Locator_delete(const ZT_Locator *loc) { if (loc) - delete reinterpret_cast(loc); + delete reinterpret_cast(loc); } /********************************************************************************************************************/ -ZT_MAYBE_UNUSED ZT_Identity* ZT_Identity_new(enum ZT_IdentityType type) +ZT_MAYBE_UNUSED ZT_Identity *ZT_Identity_new(enum ZT_IdentityType type) { if ((type != ZT_IDENTITY_TYPE_C25519) && (type != ZT_IDENTITY_TYPE_P384)) return nullptr; try { - ZeroTier::Identity* const id = new ZeroTier::Identity(); + ZeroTier::Identity *const id = new ZeroTier::Identity(); id->generate((ZeroTier::Identity::Type)type); - return reinterpret_cast(id); + return reinterpret_cast(id); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED ZT_Identity* ZT_Identity_clone(const ZT_Identity* id) +ZT_MAYBE_UNUSED ZT_Identity *ZT_Identity_clone(const ZT_Identity *id) { if (id) { try { - return reinterpret_cast(new ZeroTier::Identity(*reinterpret_cast(id))); + return reinterpret_cast( + new ZeroTier::Identity(*reinterpret_cast(id))); } catch (...) { return nullptr; @@ -504,90 +522,93 @@ ZT_MAYBE_UNUSED ZT_Identity* ZT_Identity_clone(const ZT_Identity* id) return nullptr; } -ZT_MAYBE_UNUSED ZT_Identity* ZT_Identity_fromString(const char* idStr) +ZT_MAYBE_UNUSED ZT_Identity *ZT_Identity_fromString(const char *idStr) { - if (! idStr) + if (!idStr) return nullptr; try { - ZeroTier::Identity* const id = new ZeroTier::Identity(); - if (! id->fromString(idStr)) { + ZeroTier::Identity *const id = new ZeroTier::Identity(); + if (!id->fromString(idStr)) { delete id; return nullptr; } - return reinterpret_cast(id); + return reinterpret_cast(id); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED int ZT_Identity_validate(const ZT_Identity* id) +ZT_MAYBE_UNUSED int ZT_Identity_validate(const ZT_Identity *id) { - if (! id) + if (!id) return 0; - return reinterpret_cast(id)->locallyValidate() ? 1 : 0; + return reinterpret_cast(id)->locallyValidate() ? 1 : 0; } -ZT_MAYBE_UNUSED unsigned int ZT_Identity_sign(const ZT_Identity* id, const void* data, unsigned int len, void* signature, unsigned int signatureBufferLength) +ZT_MAYBE_UNUSED unsigned int ZT_Identity_sign( + const ZT_Identity *id, const void *data, unsigned int len, void *signature, unsigned int signatureBufferLength) { - if (! id) + if (!id) return 0; if (signatureBufferLength < ZT_SIGNATURE_BUFFER_SIZE) return 0; - return reinterpret_cast(id)->sign(data, len, signature, signatureBufferLength); + return reinterpret_cast(id)->sign(data, len, signature, signatureBufferLength); } -ZT_MAYBE_UNUSED int ZT_Identity_verify(const ZT_Identity* id, const void* data, unsigned int len, const void* signature, unsigned int sigLen) +ZT_MAYBE_UNUSED int ZT_Identity_verify( + const ZT_Identity *id, const void *data, unsigned int len, const void *signature, unsigned int sigLen) { - if ((! id) || (! signature) || (! sigLen)) + if ((!id) || (!signature) || (!sigLen)) return 0; - return reinterpret_cast(id)->verify(data, len, signature, sigLen) ? 1 : 0; + return reinterpret_cast(id)->verify(data, len, signature, sigLen) ? 1 : 0; } -ZT_MAYBE_UNUSED enum ZT_IdentityType ZT_Identity_type(const ZT_Identity* id) +ZT_MAYBE_UNUSED enum ZT_IdentityType ZT_Identity_type(const ZT_Identity *id) { - if (! id) + if (!id) return (ZT_IdentityType)0; - return (enum ZT_IdentityType) reinterpret_cast(id)->type(); + return (enum ZT_IdentityType) reinterpret_cast(id)->type(); } -ZT_MAYBE_UNUSED char* ZT_Identity_toString(const ZT_Identity* id, char* buf, int capacity, int includePrivate) +ZT_MAYBE_UNUSED char *ZT_Identity_toString(const ZT_Identity *id, char *buf, int capacity, int includePrivate) { - if ((! id) || (! buf) || (capacity < ZT_IDENTITY_STRING_BUFFER_LENGTH)) + if ((!id) || (!buf) || (capacity < ZT_IDENTITY_STRING_BUFFER_LENGTH)) return nullptr; - reinterpret_cast(id)->toString(includePrivate != 0, buf); + reinterpret_cast(id)->toString(includePrivate != 0, buf); return buf; } -ZT_MAYBE_UNUSED int ZT_Identity_hasPrivate(const ZT_Identity* id) +ZT_MAYBE_UNUSED int ZT_Identity_hasPrivate(const ZT_Identity *id) { - if (! id) + if (!id) return 0; - return reinterpret_cast(id)->hasPrivate() ? 1 : 0; + return reinterpret_cast(id)->hasPrivate() ? 1 : 0; } -ZT_MAYBE_UNUSED uint64_t ZT_Identity_address(const ZT_Identity* id) +ZT_MAYBE_UNUSED uint64_t ZT_Identity_address(const ZT_Identity *id) { - if (! id) + if (!id) return 0; - return reinterpret_cast(id)->address(); + return reinterpret_cast(id)->address(); } -ZT_MAYBE_UNUSED const ZT_Fingerprint* ZT_Identity_fingerprint(const ZT_Identity* id) +ZT_MAYBE_UNUSED const ZT_Fingerprint *ZT_Identity_fingerprint(const ZT_Identity *id) { - if (! id) + if (!id) return nullptr; - return &(reinterpret_cast(id)->fingerprint()); + return &(reinterpret_cast(id)->fingerprint()); } -ZT_MAYBE_UNUSED int ZT_Identity_compare(const ZT_Identity* a, const ZT_Identity* b) +ZT_MAYBE_UNUSED int ZT_Identity_compare(const ZT_Identity *a, const ZT_Identity *b) { if (a) { if (b) { - if (*reinterpret_cast(a) < *reinterpret_cast(b)) { + if (*reinterpret_cast(a) < *reinterpret_cast(b)) { return -1; } - else if (*reinterpret_cast(b) < *reinterpret_cast(a)) { + else if ( + *reinterpret_cast(b) < *reinterpret_cast(a)) { return 1; } else { @@ -606,19 +627,22 @@ ZT_MAYBE_UNUSED int ZT_Identity_compare(const ZT_Identity* a, const ZT_Identity* } } -ZT_MAYBE_UNUSED void ZT_Identity_delete(const ZT_Identity* id) +ZT_MAYBE_UNUSED void ZT_Identity_delete(const ZT_Identity *id) { if (id) - delete reinterpret_cast(id); + delete reinterpret_cast(id); } /********************************************************************************************************************/ -ZT_MAYBE_UNUSED int -ZT_Certificate_newKeyPair(const enum ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize) +ZT_MAYBE_UNUSED int ZT_Certificate_newKeyPair( + const enum ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], + int *const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int *const privateKeySize) { try { - return ZeroTier::Certificate::newKeyPair(type, publicKey, publicKeySize, privateKey, privateKeySize) ? ZT_RESULT_OK : ZT_RESULT_ERROR_BAD_PARAMETER; + return ZeroTier::Certificate::newKeyPair(type, publicKey, publicKeySize, privateKey, privateKeySize) + ? ZT_RESULT_OK + : ZT_RESULT_ERROR_BAD_PARAMETER; } catch (...) { return ZT_RESULT_FATAL_ERROR_INTERNAL; @@ -626,18 +650,15 @@ ZT_Certificate_newKeyPair(const enum ZT_CertificatePublicKeyAlgorithm type, uint } ZT_MAYBE_UNUSED int ZT_Certificate_newCSR( - const ZT_Certificate_Subject* subject, - const void* const certificatePrivateKey, - const int certificatePrivateKeySize, - const void* const uniqueIdPrivateKey, - const int uniqueIdPrivateKeySize, - void* const csr, - int* const csrSize) + const ZT_Certificate_Subject *subject, const void *const certificatePrivateKey, const int certificatePrivateKeySize, + const void *const uniqueIdPrivateKey, const int uniqueIdPrivateKeySize, void *const csr, int *const csrSize) { try { - if ((! subject) || (! certificatePrivateKey) || (certificatePrivateKeySize <= 0)) + if ((!subject) || (!certificatePrivateKey) || (certificatePrivateKeySize <= 0)) return ZT_RESULT_ERROR_BAD_PARAMETER; - const ZeroTier::Vector csrV(ZeroTier::Certificate::createCSR(*subject, certificatePrivateKey, (unsigned int)certificatePrivateKeySize, uniqueIdPrivateKey, (unsigned int)uniqueIdPrivateKeySize)); + const ZeroTier::Vector csrV(ZeroTier::Certificate::createCSR( + *subject, certificatePrivateKey, (unsigned int)certificatePrivateKeySize, uniqueIdPrivateKey, + (unsigned int)uniqueIdPrivateKeySize)); if (csrV.empty() || ((int)csrV.size() > *csrSize)) return ZT_RESULT_ERROR_BAD_PARAMETER; ZeroTier::Utils::copy(csr, csrV.data(), (unsigned int)csrV.size()); @@ -649,10 +670,12 @@ ZT_MAYBE_UNUSED int ZT_Certificate_newCSR( } } -ZT_MAYBE_UNUSED ZT_Certificate* ZT_Certificate_sign(const ZT_Certificate* cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, int issuerPrivateKeySize) +ZT_MAYBE_UNUSED ZT_Certificate *ZT_Certificate_sign( + const ZT_Certificate *cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void *issuerPrivateKey, + int issuerPrivateKeySize) { try { - ZeroTier::Certificate* const c = new ZeroTier::Certificate(*cert); + ZeroTier::Certificate *const c = new ZeroTier::Certificate(*cert); if (c->sign(issuer, issuerPrivateKey, issuerPrivateKeySize)) { return c; } @@ -665,14 +688,15 @@ ZT_MAYBE_UNUSED ZT_Certificate* ZT_Certificate_sign(const ZT_Certificate* cert, return nullptr; } -ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Certificate_decode(const ZT_Certificate** decodedCert, const void* cert, int certSize, int verify) +ZT_MAYBE_UNUSED enum ZT_CertificateError +ZT_Certificate_decode(const ZT_Certificate **decodedCert, const void *cert, int certSize, int verify) { try { - if ((! decodedCert) || (! cert) || (certSize <= 0)) + if ((!decodedCert) || (!cert) || (certSize <= 0)) return ZT_CERTIFICATE_ERROR_INVALID_FORMAT; - *decodedCert = nullptr; - ZeroTier::Certificate* const c = new ZeroTier::Certificate(); - if (! c->decode(cert, certSize)) { + *decodedCert = nullptr; + ZeroTier::Certificate *const c = new ZeroTier::Certificate(); + if (!c->decode(cert, certSize)) { delete c; return ZT_CERTIFICATE_ERROR_INVALID_FORMAT; } @@ -691,10 +715,10 @@ ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Certificate_decode(const ZT_Certific } } -ZT_MAYBE_UNUSED int ZT_Certificate_encode(const ZT_Certificate* cert, void* encoded, int* encodedSize) +ZT_MAYBE_UNUSED int ZT_Certificate_encode(const ZT_Certificate *cert, void *encoded, int *encodedSize) { try { - if ((! cert) || (! encoded) || (! encodedSize)) + if ((!cert) || (!encoded) || (!encodedSize)) return ZT_RESULT_ERROR_BAD_PARAMETER; ZeroTier::Certificate c(*cert); ZeroTier::Vector enc(c.encode()); @@ -709,10 +733,10 @@ ZT_MAYBE_UNUSED int ZT_Certificate_encode(const ZT_Certificate* cert, void* enco } } -ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Certificate_verify(const ZT_Certificate* cert, int64_t clock) +ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Certificate_verify(const ZT_Certificate *cert, int64_t clock) { try { - if (! cert) + if (!cert) return ZT_CERTIFICATE_ERROR_INVALID_FORMAT; return ZeroTier::Certificate(*cert).verify(clock, true); } @@ -721,23 +745,23 @@ ZT_MAYBE_UNUSED enum ZT_CertificateError ZT_Certificate_verify(const ZT_Certific } } -ZT_MAYBE_UNUSED const ZT_Certificate* ZT_Certificate_clone(const ZT_Certificate* cert) +ZT_MAYBE_UNUSED const ZT_Certificate *ZT_Certificate_clone(const ZT_Certificate *cert) { try { - if (! cert) + if (!cert) return nullptr; - return (const ZT_Certificate*)(new ZeroTier::Certificate(*cert)); + return (const ZT_Certificate *)(new ZeroTier::Certificate(*cert)); } catch (...) { return nullptr; } } -ZT_MAYBE_UNUSED void ZT_Certificate_delete(const ZT_Certificate* cert) +ZT_MAYBE_UNUSED void ZT_Certificate_delete(const ZT_Certificate *cert) { try { if (cert) - delete (const ZeroTier::Certificate*)(cert); + delete (const ZeroTier::Certificate *)(cert); } catch (...) { } @@ -745,39 +769,42 @@ ZT_MAYBE_UNUSED void ZT_Certificate_delete(const ZT_Certificate* cert) /********************************************************************************************************************/ -ZT_MAYBE_UNUSED char* ZT_Endpoint_toString(const ZT_Endpoint* ep, char* buf, int capacity) +ZT_MAYBE_UNUSED char *ZT_Endpoint_toString(const ZT_Endpoint *ep, char *buf, int capacity) { - if ((! ep) || (! buf) || (capacity < ZT_ENDPOINT_STRING_SIZE_MAX)) + if ((!ep) || (!buf) || (capacity < ZT_ENDPOINT_STRING_SIZE_MAX)) return nullptr; - return reinterpret_cast(ep)->toString(buf); + return reinterpret_cast(ep)->toString(buf); } -ZT_MAYBE_UNUSED int ZT_Endpoint_fromString(ZT_Endpoint* ep, const char* str) +ZT_MAYBE_UNUSED int ZT_Endpoint_fromString(ZT_Endpoint *ep, const char *str) { - if ((! ep) || (! str)) + if ((!ep) || (!str)) return ZT_RESULT_ERROR_BAD_PARAMETER; - return reinterpret_cast(ep)->fromString(str) ? ZT_RESULT_OK : ZT_RESULT_ERROR_BAD_PARAMETER; + return reinterpret_cast(ep)->fromString(str) ? ZT_RESULT_OK : ZT_RESULT_ERROR_BAD_PARAMETER; } -ZT_MAYBE_UNUSED int ZT_Endpoint_fromBytes(ZT_Endpoint* ep, const void* bytes, unsigned int len) +ZT_MAYBE_UNUSED int ZT_Endpoint_fromBytes(ZT_Endpoint *ep, const void *bytes, unsigned int len) { - if ((! ep) || (! bytes) || (! len)) + if ((!ep) || (!bytes) || (!len)) return ZT_RESULT_ERROR_BAD_PARAMETER; - return (reinterpret_cast(ep)->unmarshal(reinterpret_cast(bytes), (int)len) > 0) ? 0 : ZT_RESULT_ERROR_BAD_PARAMETER; + return (reinterpret_cast(ep)->unmarshal(reinterpret_cast(bytes), (int)len) + > 0) + ? 0 + : ZT_RESULT_ERROR_BAD_PARAMETER; } /********************************************************************************************************************/ -ZT_MAYBE_UNUSED char* ZT_Fingerprint_toString(const ZT_Fingerprint* fp, char* buf, int capacity) +ZT_MAYBE_UNUSED char *ZT_Fingerprint_toString(const ZT_Fingerprint *fp, char *buf, int capacity) { if (capacity < ZT_FINGERPRINT_STRING_SIZE_MAX) return nullptr; - return reinterpret_cast(fp)->toString(buf); + return reinterpret_cast(fp)->toString(buf); } -ZT_MAYBE_UNUSED int ZT_Fingerprint_fromString(ZT_Fingerprint* fp, const char* s) +ZT_MAYBE_UNUSED int ZT_Fingerprint_fromString(ZT_Fingerprint *fp, const char *s) { - if ((! fp) || (! s)) + if ((!fp) || (!s)) return 0; ZeroTier::Fingerprint f; if (f.fromString(s)) { @@ -789,17 +816,17 @@ ZT_MAYBE_UNUSED int ZT_Fingerprint_fromString(ZT_Fingerprint* fp, const char* s) /********************************************************************************************************************/ -ZT_MAYBE_UNUSED void ZT_InetAddress_clear(ZT_InetAddress* ia) +ZT_MAYBE_UNUSED void ZT_InetAddress_clear(ZT_InetAddress *ia) { if (likely(ia != nullptr)) ZeroTier::Utils::zero(ia); } -ZT_MAYBE_UNUSED char* ZT_InetAddress_toString(const ZT_InetAddress* ia, char* buf, unsigned int cap) +ZT_MAYBE_UNUSED char *ZT_InetAddress_toString(const ZT_InetAddress *ia, char *buf, unsigned int cap) { if (likely((cap > 0) && (buf != nullptr))) { if (likely((ia != nullptr) && (cap >= ZT_INETADDRESS_STRING_SIZE_MAX))) { - reinterpret_cast(ia)->toString(buf); + reinterpret_cast(ia)->toString(buf); } else { buf[0] = 0; @@ -808,90 +835,96 @@ ZT_MAYBE_UNUSED char* ZT_InetAddress_toString(const ZT_InetAddress* ia, char* bu return buf; } -ZT_MAYBE_UNUSED int ZT_InetAddress_fromString(ZT_InetAddress* ia, const char* str) +ZT_MAYBE_UNUSED int ZT_InetAddress_fromString(ZT_InetAddress *ia, const char *str) { if (likely((ia != nullptr) && (str != nullptr))) { - return (int)reinterpret_cast(ia)->fromString(str); + return (int)reinterpret_cast(ia)->fromString(str); } return 0; } -ZT_MAYBE_UNUSED void ZT_InetAddress_set(ZT_InetAddress* ia, const void* saddr) +ZT_MAYBE_UNUSED void ZT_InetAddress_set(ZT_InetAddress *ia, const void *saddr) { if (likely(ia != nullptr)) - (*reinterpret_cast(ia)) = reinterpret_cast(saddr); + (*reinterpret_cast(ia)) = reinterpret_cast(saddr); } -ZT_MAYBE_UNUSED void ZT_InetAddress_setIpBytes(ZT_InetAddress* ia, const void* ipBytes, unsigned int ipLen, unsigned int port) +ZT_MAYBE_UNUSED void +ZT_InetAddress_setIpBytes(ZT_InetAddress *ia, const void *ipBytes, unsigned int ipLen, unsigned int port) { if (likely(ia != nullptr)) - reinterpret_cast(ia)->set(ipBytes, ipLen, port); + reinterpret_cast(ia)->set(ipBytes, ipLen, port); } -ZT_MAYBE_UNUSED void ZT_InetAddress_setPort(ZT_InetAddress* ia, unsigned int port) +ZT_MAYBE_UNUSED void ZT_InetAddress_setPort(ZT_InetAddress *ia, unsigned int port) { if (likely(ia != nullptr)) - reinterpret_cast(ia)->setPort(port); + reinterpret_cast(ia)->setPort(port); } -ZT_MAYBE_UNUSED unsigned int ZT_InetAddress_port(const ZT_InetAddress* ia) +ZT_MAYBE_UNUSED unsigned int ZT_InetAddress_port(const ZT_InetAddress *ia) { if (likely(ia != nullptr)) - return reinterpret_cast(ia)->port(); + return reinterpret_cast(ia)->port(); return 0; } -ZT_MAYBE_UNUSED int ZT_InetAddress_isNil(const ZT_InetAddress* ia) +ZT_MAYBE_UNUSED int ZT_InetAddress_isNil(const ZT_InetAddress *ia) { - if (! ia) + if (!ia) return 0; - return (int)((bool)(*reinterpret_cast(ia))); + return (int)((bool)(*reinterpret_cast(ia))); } -ZT_MAYBE_UNUSED int ZT_InetAddress_isV4(const ZT_InetAddress* ia) +ZT_MAYBE_UNUSED int ZT_InetAddress_isV4(const ZT_InetAddress *ia) { - if (! ia) + if (!ia) return 0; - return (int)(reinterpret_cast(ia))->isV4(); + return (int)(reinterpret_cast(ia))->isV4(); } -ZT_MAYBE_UNUSED int ZT_InetAddress_isV6(const ZT_InetAddress* ia) +ZT_MAYBE_UNUSED int ZT_InetAddress_isV6(const ZT_InetAddress *ia) { - if (! ia) + if (!ia) return 0; - return (int)(reinterpret_cast(ia))->isV6(); + return (int)(reinterpret_cast(ia))->isV6(); } -ZT_MAYBE_UNUSED unsigned int ZT_InetAddress_ipBytes(const ZT_InetAddress* ia, void* buf) +ZT_MAYBE_UNUSED unsigned int ZT_InetAddress_ipBytes(const ZT_InetAddress *ia, void *buf) { if (ia) { - switch (reinterpret_cast(ia)->as.sa.sa_family) { + switch (reinterpret_cast(ia)->as.sa.sa_family) { case AF_INET: - ZeroTier::Utils::copy<4>(buf, &(reinterpret_cast(ia)->as.sa_in.sin_addr.s_addr)); + ZeroTier::Utils::copy<4>( + buf, &(reinterpret_cast(ia)->as.sa_in.sin_addr.s_addr)); return 4; case AF_INET6: - ZeroTier::Utils::copy<16>(buf, reinterpret_cast(ia)->as.sa_in6.sin6_addr.s6_addr); + ZeroTier::Utils::copy<16>( + buf, reinterpret_cast(ia)->as.sa_in6.sin6_addr.s6_addr); return 16; } } return 0; } -ZT_MAYBE_UNUSED enum ZT_InetAddress_IpScope ZT_InetAddress_ipScope(const ZT_InetAddress* ia) +ZT_MAYBE_UNUSED enum ZT_InetAddress_IpScope ZT_InetAddress_ipScope(const ZT_InetAddress *ia) { if (likely(ia != nullptr)) - return reinterpret_cast(ia)->ipScope(); + return reinterpret_cast(ia)->ipScope(); return ZT_IP_SCOPE_NONE; } -ZT_MAYBE_UNUSED int ZT_InetAddress_compare(const ZT_InetAddress* a, const ZT_InetAddress* b) +ZT_MAYBE_UNUSED int ZT_InetAddress_compare(const ZT_InetAddress *a, const ZT_InetAddress *b) { if (a) { if (b) { - if (*reinterpret_cast(a) < *reinterpret_cast(b)) { + if (*reinterpret_cast(a) + < *reinterpret_cast(b)) { return -1; } - else if (*reinterpret_cast(b) < *reinterpret_cast(a)) { + else if ( + *reinterpret_cast(b) + < *reinterpret_cast(a)) { return 1; } else { @@ -912,7 +945,9 @@ ZT_MAYBE_UNUSED int ZT_InetAddress_compare(const ZT_InetAddress* a, const ZT_Ine /********************************************************************************************************************/ -ZT_MAYBE_UNUSED int ZT_Dictionary_parse(const void* const dict, const unsigned int len, void* const arg, void (*f)(void*, const char*, unsigned int, const void*, unsigned int)) +ZT_MAYBE_UNUSED int ZT_Dictionary_parse( + const void *const dict, const unsigned int len, void *const arg, + void (*f)(void *, const char *, unsigned int, const void *, unsigned int)) { ZeroTier::Dictionary d; if (d.decode(dict, len)) { @@ -926,9 +961,6 @@ ZT_MAYBE_UNUSED int ZT_Dictionary_parse(const void* const dict, const unsigned i /********************************************************************************************************************/ -ZT_MAYBE_UNUSED uint64_t ZT_random() -{ - return ZeroTier::Utils::random(); -} +ZT_MAYBE_UNUSED uint64_t ZT_random() { return ZeroTier::Utils::random(); } } // extern "C" diff --git a/core/CallContext.hpp b/core/CallContext.hpp index 189edb04c..7c82c77e6 100644 --- a/core/CallContext.hpp +++ b/core/CallContext.hpp @@ -27,9 +27,7 @@ namespace ZeroTier { */ class CallContext { public: - ZT_INLINE CallContext(const int64_t c, const int64_t t, void* const p) : clock(c), ticks(t), tPtr(p) - { - } + ZT_INLINE CallContext(const int64_t c, const int64_t t, void *const p) : clock(c), ticks(t), tPtr(p) {} /** * Real world time in milliseconds since Unix epoch or -1 if unknown. @@ -53,7 +51,7 @@ class CallContext { * By passing this back to callbacks state can be kept by the caller using * a mechanism that is faster (on most platforms) than thread-local storage. */ - void* const tPtr; + void *const tPtr; }; } // namespace ZeroTier diff --git a/core/CapabilityCredential.cpp b/core/CapabilityCredential.cpp index 4e6a7415b..7434c4d0d 100644 --- a/core/CapabilityCredential.cpp +++ b/core/CapabilityCredential.cpp @@ -19,7 +19,9 @@ namespace ZeroTier { -CapabilityCredential::CapabilityCredential(const uint32_t id, const uint64_t nwid, const int64_t timestamp, const ZT_VirtualNetworkRule* const rules, const unsigned int ruleCount) noexcept +CapabilityCredential::CapabilityCredential( + const uint32_t id, const uint64_t nwid, const int64_t timestamp, const ZT_VirtualNetworkRule *const rules, + const unsigned int ruleCount) noexcept : m_nwid(nwid) , m_timestamp(timestamp) , m_id(id) @@ -32,11 +34,11 @@ CapabilityCredential::CapabilityCredential(const uint32_t id, const uint64_t nwi Utils::zero(m_signature); } -bool CapabilityCredential::sign(const Identity& from, const Address& to) noexcept +bool CapabilityCredential::sign(const Identity &from, const Address &to) noexcept { uint8_t buf[ZT_CAPABILITY_MARSHAL_SIZE_MAX + 16]; - m_issuedTo = to; - m_signedBy = from.address(); + m_issuedTo = to; + m_signedBy = from.address(); m_signatureLength = from.sign(buf, (unsigned int)marshal(buf, true), m_signature, sizeof(m_signature)); return m_signatureLength > 0; } @@ -63,7 +65,7 @@ int CapabilityCredential::marshal(uint8_t data[ZT_CAPABILITY_MARSHAL_SIZE_MAX], // chain length. This is deprecated so set the max chain length to one. data[p++] = (uint8_t)1; - if (! forSign) { + if (!forSign) { m_issuedTo.copyTo(data + p); m_signedBy.copyTo(data + p + ZT_ADDRESS_LENGTH); p += ZT_ADDRESS_LENGTH + ZT_ADDRESS_LENGTH; @@ -89,14 +91,14 @@ int CapabilityCredential::marshal(uint8_t data[ZT_CAPABILITY_MARSHAL_SIZE_MAX], return p; } -int CapabilityCredential::unmarshal(const uint8_t* data, int len) noexcept +int CapabilityCredential::unmarshal(const uint8_t *data, int len) noexcept { if (len < 22) return -1; - m_nwid = Utils::loadBigEndian(data); + m_nwid = Utils::loadBigEndian(data); m_timestamp = (int64_t)Utils::loadBigEndian(data + 8); - m_id = Utils::loadBigEndian(data + 16); + m_id = Utils::loadBigEndian(data + 16); const unsigned int rc = Utils::loadBigEndian(data + 20); if (rc > ZT_MAX_CAPABILITY_RULES) @@ -120,7 +122,7 @@ int CapabilityCredential::unmarshal(const uint8_t* data, int len) noexcept const Address to(data + p); p += ZT_ADDRESS_LENGTH; - if (! to) + if (!to) break; m_issuedTo = to; @@ -149,15 +151,14 @@ int CapabilityCredential::unmarshal(const uint8_t* data, int len) noexcept return p; } -int CapabilityCredential::marshalVirtualNetworkRules(uint8_t* data, const ZT_VirtualNetworkRule* const rules, const unsigned int ruleCount) noexcept +int CapabilityCredential::marshalVirtualNetworkRules( + uint8_t *data, const ZT_VirtualNetworkRule *const rules, const unsigned int ruleCount) noexcept { int p = 0; for (unsigned int i = 0; i < ruleCount; ++i) { data[p++] = rules[i].t; switch ((ZT_VirtualNetworkRuleType)(rules[i].t & 0x3fU)) { - default: - data[p++] = 0; - break; + default: data[p++] = 0; break; case ZT_NETWORK_RULE_ACTION_TEE: case ZT_NETWORK_RULE_ACTION_WATCH: case ZT_NETWORK_RULE_ACTION_REDIRECT: @@ -197,10 +198,10 @@ int CapabilityCredential::marshalVirtualNetworkRules(uint8_t* data, const ZT_Vir case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE: case ZT_NETWORK_RULE_MATCH_IPV4_DEST: data[p++] = 5; - data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[0]; - data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[1]; - data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[2]; - data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[3]; + data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[0]; + data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[1]; + data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[2]; + data[p++] = reinterpret_cast(&(rules[i].v.ipv4.ip))[3]; data[p++] = rules[i].v.ipv4.mask; break; case ZT_NETWORK_RULE_MATCH_IPV6_SOURCE: @@ -273,7 +274,8 @@ int CapabilityCredential::marshalVirtualNetworkRules(uint8_t* data, const ZT_Vir data[p++] = 19; Utils::storeBigEndian(data + p, rules[i].v.intRange.start); p += 8; - Utils::storeBigEndian(data + p, rules[i].v.intRange.start + (uint64_t)rules[i].v.intRange.end); + Utils::storeBigEndian( + data + p, rules[i].v.intRange.start + (uint64_t)rules[i].v.intRange.end); p += 8; Utils::storeBigEndian(data + p, rules[i].v.intRange.idx); p += 2; @@ -284,9 +286,11 @@ int CapabilityCredential::marshalVirtualNetworkRules(uint8_t* data, const ZT_Vir return p; } -int CapabilityCredential::unmarshalVirtualNetworkRules(const uint8_t* const data, const int len, ZT_VirtualNetworkRule* const rules, unsigned int& ruleCount, const unsigned int maxRuleCount) noexcept +int CapabilityCredential::unmarshalVirtualNetworkRules( + const uint8_t *const data, const int len, ZT_VirtualNetworkRule *const rules, unsigned int &ruleCount, + const unsigned int maxRuleCount) noexcept { - int p = 0; + int p = 0; unsigned int rc = 0; while (rc < maxRuleCount) { if (p >= len) @@ -296,8 +300,7 @@ int CapabilityCredential::unmarshalVirtualNetworkRules(const uint8_t* const data if ((p + fieldLen) > len) return -1; switch ((ZT_VirtualNetworkRuleType)(rules[ruleCount].t & 0x3fU)) { - default: - break; + default: break; case ZT_NETWORK_RULE_ACTION_TEE: case ZT_NETWORK_RULE_ACTION_WATCH: case ZT_NETWORK_RULE_ACTION_REDIRECT: @@ -359,7 +362,7 @@ int CapabilityCredential::unmarshalVirtualNetworkRules(const uint8_t* const data case ZT_NETWORK_RULE_MATCH_IP_TOS: if ((p + 3) > len) return -1; - rules[ruleCount].v.ipTos.mask = data[p++]; + rules[ruleCount].v.ipTos.mask = data[p++]; rules[ruleCount].v.ipTos.value[0] = data[p++]; rules[ruleCount].v.ipTos.value[1] = data[p++]; break; @@ -377,8 +380,8 @@ int CapabilityCredential::unmarshalVirtualNetworkRules(const uint8_t* const data case ZT_NETWORK_RULE_MATCH_ICMP: if ((p + 3) > len) return -1; - rules[ruleCount].v.icmp.type = data[p++]; - rules[ruleCount].v.icmp.code = data[p++]; + rules[ruleCount].v.icmp.type = data[p++]; + rules[ruleCount].v.icmp.code = data[p++]; rules[ruleCount].v.icmp.flags = data[p++]; break; case ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE: @@ -429,7 +432,8 @@ int CapabilityCredential::unmarshalVirtualNetworkRules(const uint8_t* const data return -1; rules[ruleCount].v.intRange.start = Utils::loadBigEndian(data + p); p += 8; - rules[ruleCount].v.intRange.end = (uint32_t)(Utils::loadBigEndian(data + p) - rules[ruleCount].v.intRange.start); + rules[ruleCount].v.intRange.end = + (uint32_t)(Utils::loadBigEndian(data + p) - rules[ruleCount].v.intRange.start); p += 8; rules[ruleCount].v.intRange.idx = Utils::loadBigEndian(data + p); p += 2; diff --git a/core/CapabilityCredential.hpp b/core/CapabilityCredential.hpp index 0af861780..e8f5c024a 100644 --- a/core/CapabilityCredential.hpp +++ b/core/CapabilityCredential.hpp @@ -22,7 +22,9 @@ #include "Utils.hpp" #define ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX 21 -#define ZT_CAPABILITY_MARSHAL_SIZE_MAX (8 + 8 + 4 + 1 + 2 + (ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX * ZT_MAX_CAPABILITY_RULES) + 2 + (5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE)) +#define ZT_CAPABILITY_MARSHAL_SIZE_MAX \ + (8 + 8 + 4 + 1 + 2 + (ZT_VIRTUALNETWORKRULE_MARSHAL_SIZE_MAX * ZT_MAX_CAPABILITY_RULES) + 2 \ + + (5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE)) namespace ZeroTier { @@ -50,15 +52,9 @@ class CapabilityCredential : public Credential { friend class Credential; public: - static constexpr ZT_CredentialType credentialType() noexcept - { - return ZT_CREDENTIAL_TYPE_CAPABILITY; - } + static constexpr ZT_CredentialType credentialType() noexcept { return ZT_CREDENTIAL_TYPE_CAPABILITY; } - ZT_INLINE CapabilityCredential() noexcept - { - memoryZero(this); - } + ZT_INLINE CapabilityCredential() noexcept { memoryZero(this); } /** * @param id Capability ID @@ -68,63 +64,35 @@ class CapabilityCredential : public Credential { * @param rules Network flow rules for this capability * @param ruleCount Number of flow rules */ - CapabilityCredential(const uint32_t id, const uint64_t nwid, const int64_t timestamp, const ZT_VirtualNetworkRule* const rules, const unsigned int ruleCount) noexcept; + CapabilityCredential( + const uint32_t id, const uint64_t nwid, const int64_t timestamp, const ZT_VirtualNetworkRule *const rules, + const unsigned int ruleCount) noexcept; /** * @return Rules -- see ruleCount() for size of array */ - ZT_INLINE const ZT_VirtualNetworkRule* rules() const noexcept - { - return m_rules; - } + ZT_INLINE const ZT_VirtualNetworkRule *rules() const noexcept { return m_rules; } /** * @return Number of rules in rules() */ - ZT_INLINE unsigned int ruleCount() const noexcept - { - return m_ruleCount; - } + ZT_INLINE unsigned int ruleCount() const noexcept { return m_ruleCount; } - ZT_INLINE uint32_t id() const noexcept - { - return m_id; - } + ZT_INLINE uint32_t id() const noexcept { return m_id; } - ZT_INLINE uint64_t networkId() const noexcept - { - return m_nwid; - } + ZT_INLINE uint64_t networkId() const noexcept { return m_nwid; } - ZT_INLINE int64_t timestamp() const noexcept - { - return m_timestamp; - } + ZT_INLINE int64_t timestamp() const noexcept { return m_timestamp; } - ZT_INLINE int64_t revision() const noexcept - { - return m_timestamp; - } + ZT_INLINE int64_t revision() const noexcept { return m_timestamp; } - ZT_INLINE const Address& issuedTo() const noexcept - { - return m_issuedTo; - } + ZT_INLINE const Address &issuedTo() const noexcept { return m_issuedTo; } - ZT_INLINE const Address& signer() const noexcept - { - return m_signedBy; - } + ZT_INLINE const Address &signer() const noexcept { return m_signedBy; } - ZT_INLINE const uint8_t* signature() const noexcept - { - return m_signature; - } + ZT_INLINE const uint8_t *signature() const noexcept { return m_signature; } - ZT_INLINE unsigned int signatureLength() const noexcept - { - return m_signatureLength; - } + ZT_INLINE unsigned int signatureLength() const noexcept { return m_signatureLength; } /** * Sign this capability and add signature to its chain of custody @@ -139,25 +107,22 @@ class CapabilityCredential : public Credential { * @param to Recipient of this signature * @return True if signature successful and chain of custody appended */ - bool sign(const Identity& from, const Address& to) noexcept; + bool sign(const Identity &from, const Address &to) noexcept; /** * Verify this capability's chain of custody and signatures * * @param RR Runtime environment to provide for peer lookup, etc. */ - ZT_INLINE Credential::VerifyResult verify(const Context& ctx, const CallContext& cc) const noexcept + ZT_INLINE Credential::VerifyResult verify(const Context &ctx, const CallContext &cc) const noexcept { return s_verify(ctx, cc, *this); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_CAPABILITY_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_CAPABILITY_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_CAPABILITY_MARSHAL_SIZE_MAX], bool forSign = false) const noexcept; - int unmarshal(const uint8_t* data, int len) noexcept; + int unmarshal(const uint8_t *data, int len) noexcept; /** * Marshal a set of virtual network rules @@ -167,7 +132,8 @@ class CapabilityCredential : public Credential { * @param ruleCount Number of rules * @return Number of bytes written or -1 on error */ - static int marshalVirtualNetworkRules(uint8_t* data, const ZT_VirtualNetworkRule* rules, unsigned int ruleCount) noexcept; + static int + marshalVirtualNetworkRules(uint8_t *data, const ZT_VirtualNetworkRule *rules, unsigned int ruleCount) noexcept; /** * Unmarshal a set of virtual network rules @@ -179,20 +145,19 @@ class CapabilityCredential : public Credential { * @param maxRuleCount Capacity of rules buffer * @return Number of bytes unmarshaled or -1 on error */ - static int unmarshalVirtualNetworkRules(const uint8_t* data, int len, ZT_VirtualNetworkRule* rules, unsigned int& ruleCount, unsigned int maxRuleCount) noexcept; + static int unmarshalVirtualNetworkRules( + const uint8_t *data, int len, ZT_VirtualNetworkRule *rules, unsigned int &ruleCount, + unsigned int maxRuleCount) noexcept; // Provides natural sort order by ID - ZT_INLINE bool operator<(const CapabilityCredential& c) const noexcept - { - return (m_id < c.m_id); - } + ZT_INLINE bool operator<(const CapabilityCredential &c) const noexcept { return (m_id < c.m_id); } - ZT_INLINE bool operator==(const CapabilityCredential& c) const noexcept + ZT_INLINE bool operator==(const CapabilityCredential &c) const noexcept { return (memcmp(this, &c, sizeof(CapabilityCredential)) == 0); } - ZT_INLINE bool operator!=(const CapabilityCredential& c) const noexcept + ZT_INLINE bool operator!=(const CapabilityCredential &c) const noexcept { return (memcmp(this, &c, sizeof(CapabilityCredential)) != 0); } diff --git a/core/Certificate.cpp b/core/Certificate.cpp index 8416a8898..50ab4f514 100644 --- a/core/Certificate.cpp +++ b/core/Certificate.cpp @@ -345,12 +345,15 @@ bool Certificate::sign( default: return false; case ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_ECDSA_NIST_P_384: if (issuerPrivateKeySize == (1 + ZT_ECC384_PUBLIC_KEY_SIZE + ZT_ECC384_PRIVATE_KEY_SIZE)) { - if ((!issuer)||((this->publicKeySize == (ZT_ECC384_PUBLIC_KEY_SIZE + 1))&&(memcmp(issuerPrivateKey, this->publicKey, ZT_ECC384_PUBLIC_KEY_SIZE + 1) == 0))) { + if ((!issuer) + || ((this->publicKeySize == (ZT_ECC384_PUBLIC_KEY_SIZE + 1)) + && (memcmp(issuerPrivateKey, this->publicKey, ZT_ECC384_PUBLIC_KEY_SIZE + 1) == 0))) { // If public key and issuer public key match, this is a self-signed certificate. // This can also be specified by signing with issuer set to NULL. Utils::fillissuer), 0xff>(this->issuer); this->issuerPublicKeySize = 0; - } else { + } + else { // Otherwise set the issuer and issuer public key. Utils::copyissuer)>(this->issuer, issuer); Utils::copy<1 + ZT_ECC384_PUBLIC_KEY_SIZE>( diff --git a/core/Certificate.hpp b/core/Certificate.hpp index 68c255a87..f8d3171aa 100644 --- a/core/Certificate.hpp +++ b/core/Certificate.hpp @@ -46,17 +46,17 @@ namespace ZeroTier { class Certificate : public ZT_Certificate { public: Certificate() noexcept; - explicit Certificate(const ZT_Certificate& apiCert); - Certificate(const Certificate& cert); + explicit Certificate(const ZT_Certificate &apiCert); + Certificate(const Certificate &cert); ~Certificate(); - Certificate& operator=(const ZT_Certificate& cert); + Certificate &operator=(const ZT_Certificate &cert); - ZT_INLINE Certificate& operator=(const Certificate& cert) noexcept + ZT_INLINE Certificate &operator=(const Certificate &cert) noexcept { if (likely(&cert != this)) { - const ZT_Certificate* const sup = &cert; - *this = *sup; + const ZT_Certificate *const sup = &cert; + *this = *sup; } return *this; } @@ -64,17 +64,14 @@ class Certificate : public ZT_Certificate { /** * @return Serial number in a H384 object */ - ZT_INLINE H384 getSerialNo() const noexcept - { - return H384(this->serialNo); - } + ZT_INLINE H384 getSerialNo() const noexcept { return H384(this->serialNo); } /** * @return True if this is a self-signed certificate */ ZT_INLINE bool isSelfSigned() const noexcept { - for(unsigned int i=0;iissuer[i] != 0xff) return false; } @@ -87,7 +84,7 @@ class Certificate : public ZT_Certificate { * @param id Identity * @return Pointer to C struct */ - ZT_Certificate_Identity* addSubjectIdentity(const Identity& id); + ZT_Certificate_Identity *addSubjectIdentity(const Identity &id); /** * Add a subject node/identity with a locator @@ -96,7 +93,7 @@ class Certificate : public ZT_Certificate { * @param loc Locator signed by identity (signature is NOT checked here) * @return Pointer to C struct */ - ZT_Certificate_Identity* addSubjectIdentity(const Identity& id, const Locator& loc); + ZT_Certificate_Identity *addSubjectIdentity(const Identity &id, const Locator &loc); /** * Add a subject network @@ -105,14 +102,14 @@ class Certificate : public ZT_Certificate { * @param controller Network controller's full fingerprint * @return Pointer to C struct */ - ZT_Certificate_Network* addSubjectNetwork(uint64_t id, const ZT_Fingerprint& controller); + ZT_Certificate_Network *addSubjectNetwork(uint64_t id, const ZT_Fingerprint &controller); /** * Add an update URL to the updateUrls list * * @param url Update URL */ - void addSubjectUpdateUrl(const char* url); + void addSubjectUpdateUrl(const char *url); /** * Sign subject with unique ID private key and set. @@ -124,7 +121,7 @@ class Certificate : public ZT_Certificate { * @param uniqueIdPrivateSize Size of private key * @return True on success */ - ZT_INLINE bool setSubjectUniqueId(const void* uniqueIdPrivate, unsigned int uniqueIdPrivateSize) + ZT_INLINE bool setSubjectUniqueId(const void *uniqueIdPrivate, unsigned int uniqueIdPrivateSize) { return m_setSubjectUniqueId(this->subject, uniqueIdPrivate, uniqueIdPrivateSize); } @@ -147,7 +144,7 @@ class Certificate : public ZT_Certificate { * @param len Length of marshalled certificate * @return True if input is valid and was unmarshalled (signature is NOT checked) */ - bool decode(const void* data, unsigned int len); + bool decode(const void *data, unsigned int len); /** * Sign this certificate. @@ -156,7 +153,9 @@ class Certificate : public ZT_Certificate { * * @return True on success */ - bool sign(const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, unsigned int issuerPrivateKeySize); + bool sign( + const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void *issuerPrivateKey, + unsigned int issuerPrivateKeySize); /** * Verify self-contained signatures and validity of certificate structure @@ -178,7 +177,8 @@ class Certificate : public ZT_Certificate { */ ZT_INLINE bool verifyTimeWindow(int64_t clock) const noexcept { - return ((clock >= this->validity[0]) && (clock <= this->validity[1]) && (this->validity[0] <= this->validity[1])); + return ( + (clock >= this->validity[0]) && (clock <= this->validity[1]) && (this->validity[0] <= this->validity[1])); } /** @@ -191,7 +191,9 @@ class Certificate : public ZT_Certificate { * @param privateKeySize Result parameter: set to size of private key * @return True on success */ - static bool newKeyPair(const ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize); + static bool newKeyPair( + const ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], + int *const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int *const privateKeySize); /** * Create a CSR that encodes the subject of this certificate @@ -203,47 +205,50 @@ class Certificate : public ZT_Certificate { * @param uniqueIdPrivateSize Size of unique ID private key * @return Encoded subject (without any unique ID fields) or empty vector on error */ - static Vector createCSR(const ZT_Certificate_Subject& s, const void* certificatePrivateKey, unsigned int certificatePrivateKeySize, const void* uniqueIdPrivate, unsigned int uniqueIdPrivateSize); + static Vector createCSR( + const ZT_Certificate_Subject &s, const void *certificatePrivateKey, unsigned int certificatePrivateKeySize, + const void *uniqueIdPrivate, unsigned int uniqueIdPrivateSize); ZT_INLINE unsigned long hashCode() const noexcept { return (unsigned long)Utils::loadMachineEndian(this->serialNo); } - ZT_INLINE bool operator==(const ZT_Certificate& c) const noexcept + ZT_INLINE bool operator==(const ZT_Certificate &c) const noexcept { return memcmp(this->serialNo, c.serialNo, ZT_SHA384_DIGEST_SIZE) == 0; } - ZT_INLINE bool operator!=(const ZT_Certificate& c) const noexcept + ZT_INLINE bool operator!=(const ZT_Certificate &c) const noexcept { return memcmp(this->serialNo, c.serialNo, ZT_SHA384_DIGEST_SIZE) != 0; } - ZT_INLINE bool operator<(const ZT_Certificate& c) const noexcept + ZT_INLINE bool operator<(const ZT_Certificate &c) const noexcept { return memcmp(this->serialNo, c.serialNo, ZT_SHA384_DIGEST_SIZE) < 0; } - ZT_INLINE bool operator<=(const ZT_Certificate& c) const noexcept + ZT_INLINE bool operator<=(const ZT_Certificate &c) const noexcept { return memcmp(this->serialNo, c.serialNo, ZT_SHA384_DIGEST_SIZE) <= 0; } - ZT_INLINE bool operator>(const ZT_Certificate& c) const noexcept + ZT_INLINE bool operator>(const ZT_Certificate &c) const noexcept { return memcmp(this->serialNo, c.serialNo, ZT_SHA384_DIGEST_SIZE) > 0; } - ZT_INLINE bool operator>=(const ZT_Certificate& c) const noexcept + ZT_INLINE bool operator>=(const ZT_Certificate &c) const noexcept { return memcmp(this->serialNo, c.serialNo, ZT_SHA384_DIGEST_SIZE) >= 0; } private: void m_clear(); - static bool m_setSubjectUniqueId(ZT_Certificate_Subject& s, const void* uniqueIdPrivate, unsigned int uniqueIdPrivateSize); - static void m_encodeSubject(const ZT_Certificate_Subject& s, Dictionary& d, bool omitUniqueIdProofSignature); + static bool + m_setSubjectUniqueId(ZT_Certificate_Subject &s, const void *uniqueIdPrivate, unsigned int uniqueIdPrivateSize); + static void m_encodeSubject(const ZT_Certificate_Subject &s, Dictionary &d, bool omitUniqueIdProofSignature); // These hold any identity or locator objects that are owned by and should // be deleted with this certificate. Lists are used so the pointers never @@ -255,7 +260,7 @@ class Certificate : public ZT_Certificate { // These are stored in a vector because the memory needs to be contiguous. Vector m_subjectIdentities; Vector m_subjectNetworks; - Vector m_updateUrls; + Vector m_updateUrls; Vector m_extendedAttributes; }; diff --git a/core/Containers.hpp b/core/Containers.hpp index c52f3e62c..0b083393b 100644 --- a/core/Containers.hpp +++ b/core/Containers.hpp @@ -38,13 +38,9 @@ namespace ZeroTier { template class Vector : public std::vector { public: - ZT_INLINE Vector() : std::vector() - { - } + ZT_INLINE Vector() : std::vector() {} - template ZT_INLINE Vector(I begin, I end) : std::vector(begin, end) - { - } + template ZT_INLINE Vector(I begin, I end) : std::vector(begin, end) {} }; template class List : public std::list { @@ -53,12 +49,9 @@ template class List : public std::list { #ifdef __CPP11__ struct intl_MapHasher { - template std::size_t operator()(const O& obj) const noexcept - { - return (std::size_t)obj.hashCode(); - } + template std::size_t operator()(const O &obj) const noexcept { return (std::size_t)obj.hashCode(); } - std::size_t operator()(const Vector& bytes) const noexcept + std::size_t operator()(const Vector &bytes) const noexcept { return (std::size_t)Utils::fnv1a32(bytes.data(), (unsigned int)bytes.size()); } @@ -87,7 +80,8 @@ struct intl_MapHasher { template class Map : public std::unordered_map { }; -template class MultiMap : public std::unordered_multimap > { +template +class MultiMap : public std::unordered_multimap> { }; #else @@ -115,7 +109,7 @@ template class ForwardList : public std::list { #endif -template class Set : public std::set > { +template class Set : public std::set> { }; typedef std::string String; @@ -126,66 +120,45 @@ typedef std::string String; struct H384 { uint64_t data[6]; - ZT_INLINE H384() noexcept - { - Utils::zero(data); - } + ZT_INLINE H384() noexcept { Utils::zero(data); } - ZT_INLINE H384(const H384& b) noexcept - { - Utils::copy<48>(data, b.data); - } + ZT_INLINE H384(const H384 &b) noexcept { Utils::copy<48>(data, b.data); } - explicit ZT_INLINE H384(const void* const d) noexcept - { - Utils::copy<48>(data, d); - } + explicit ZT_INLINE H384(const void *const d) noexcept { Utils::copy<48>(data, d); } - ZT_INLINE H384& operator=(const H384& b) noexcept + ZT_INLINE H384 &operator=(const H384 &b) noexcept { Utils::copy<48>(data, b.data); return *this; } - ZT_INLINE unsigned long hashCode() const noexcept - { - return (unsigned long)data[0]; - } + ZT_INLINE unsigned long hashCode() const noexcept { return (unsigned long)data[0]; } ZT_INLINE operator bool() const noexcept { - return ((data[0] != 0) && (data[1] != 0) && (data[2] != 0) && (data[3] != 0) && (data[4] != 0) && (data[5] != 0)); + return ( + (data[0] != 0) && (data[1] != 0) && (data[2] != 0) && (data[3] != 0) && (data[4] != 0) && (data[5] != 0)); } - ZT_INLINE bool operator==(const H384& b) const noexcept + ZT_INLINE bool operator==(const H384 &b) const noexcept { - return ((data[0] == b.data[0]) && (data[1] == b.data[1]) && (data[2] == b.data[2]) && (data[3] == b.data[3]) && (data[4] == b.data[4]) && (data[5] == b.data[5])); + return ( + (data[0] == b.data[0]) && (data[1] == b.data[1]) && (data[2] == b.data[2]) && (data[3] == b.data[3]) + && (data[4] == b.data[4]) && (data[5] == b.data[5])); } - ZT_INLINE bool operator!=(const H384& b) const noexcept - { - return ! (*this == b); - } + ZT_INLINE bool operator!=(const H384 &b) const noexcept { return !(*this == b); } - ZT_INLINE bool operator<(const H384& b) const noexcept + ZT_INLINE bool operator<(const H384 &b) const noexcept { return std::lexicographical_compare(data, data + 6, b.data, b.data + 6); } - ZT_INLINE bool operator<=(const H384& b) const noexcept - { - return ! (b < *this); - } + ZT_INLINE bool operator<=(const H384 &b) const noexcept { return !(b < *this); } - ZT_INLINE bool operator>(const H384& b) const noexcept - { - return (b < *this); - } + ZT_INLINE bool operator>(const H384 &b) const noexcept { return (b < *this); } - ZT_INLINE bool operator>=(const H384& b) const noexcept - { - return ! (*this < b); - } + ZT_INLINE bool operator>=(const H384 &b) const noexcept { return !(*this < b); } }; static_assert(sizeof(H384) == 48, "H384 contains unnecessary padding"); @@ -198,22 +171,13 @@ static_assert(sizeof(H384) == 48, "H384 contains unnecessary padding"); template struct Blob { uint8_t data[S]; - ZT_INLINE Blob() noexcept - { - Utils::zero(data); - } + ZT_INLINE Blob() noexcept { Utils::zero(data); } - ZT_INLINE Blob(const Blob& b) noexcept - { - Utils::copy(data, b.data); - } + ZT_INLINE Blob(const Blob &b) noexcept { Utils::copy(data, b.data); } - explicit ZT_INLINE Blob(const void* const d) noexcept - { - Utils::copy(data, d); - } + explicit ZT_INLINE Blob(const void *const d) noexcept { Utils::copy(data, d); } - explicit ZT_INLINE Blob(const void* const d, const unsigned int l) noexcept + explicit ZT_INLINE Blob(const void *const d, const unsigned int l) noexcept { Utils::copy(data, d, (l > (unsigned int)S) ? (unsigned int)S : l); if (l < S) { @@ -221,51 +185,27 @@ template struct Blob { } } - ZT_INLINE Blob& operator=(const Blob& b) noexcept + ZT_INLINE Blob &operator=(const Blob &b) noexcept { Utils::copy(data, b.data); return *this; } - ZT_INLINE unsigned long hashCode() const noexcept - { - return Utils::fnv1a32(data, (unsigned int)S); - } + ZT_INLINE unsigned long hashCode() const noexcept { return Utils::fnv1a32(data, (unsigned int)S); } - ZT_INLINE operator bool() const noexcept - { - return Utils::allZero(data, (unsigned int)S); - } + ZT_INLINE operator bool() const noexcept { return Utils::allZero(data, (unsigned int)S); } - ZT_INLINE bool operator==(const Blob& b) const noexcept - { - return (memcmp(data, b.data, S) == 0); - } + ZT_INLINE bool operator==(const Blob &b) const noexcept { return (memcmp(data, b.data, S) == 0); } - ZT_INLINE bool operator!=(const Blob& b) const noexcept - { - return (memcmp(data, b.data, S) != 0); - } + ZT_INLINE bool operator!=(const Blob &b) const noexcept { return (memcmp(data, b.data, S) != 0); } - ZT_INLINE bool operator<(const Blob& b) const noexcept - { - return (memcmp(data, b.data, S) < 0); - } + ZT_INLINE bool operator<(const Blob &b) const noexcept { return (memcmp(data, b.data, S) < 0); } - ZT_INLINE bool operator<=(const Blob& b) const noexcept - { - return (memcmp(data, b.data, S) <= 0); - } + ZT_INLINE bool operator<=(const Blob &b) const noexcept { return (memcmp(data, b.data, S) <= 0); } - ZT_INLINE bool operator>(const Blob& b) const noexcept - { - return (memcmp(data, b.data, S) > 0); - } + ZT_INLINE bool operator>(const Blob &b) const noexcept { return (memcmp(data, b.data, S) > 0); } - ZT_INLINE bool operator>=(const Blob& b) const noexcept - { - return (memcmp(data, b.data, S) >= 0); - } + ZT_INLINE bool operator>=(const Blob &b) const noexcept { return (memcmp(data, b.data, S) >= 0); } }; } // namespace ZeroTier diff --git a/core/Context.hpp b/core/Context.hpp index dacb8a79d..fbc81131f 100644 --- a/core/Context.hpp +++ b/core/Context.hpp @@ -40,7 +40,7 @@ class Network; */ class Context { public: - ZT_INLINE Context(Node* const n) noexcept + ZT_INLINE Context(Node *const n) noexcept : instanceId(Utils::getSecureRandomU64()) , node(n) , uPtr(nullptr) @@ -59,35 +59,32 @@ class Context { secretIdentityStr[0] = 0; } - ZT_INLINE ~Context() noexcept - { - Utils::burn(secretIdentityStr, sizeof(secretIdentityStr)); - } + ZT_INLINE ~Context() noexcept { Utils::burn(secretIdentityStr, sizeof(secretIdentityStr)); } // Unique ID generated on startup const uint64_t instanceId; // Node instance that owns this RuntimeEnvironment - Node* const restrict node; + Node *const restrict node; // Callbacks specified by caller who created node ZT_Node_Callbacks cb; // User pointer specified by external code via API - void* restrict uPtr; + void *restrict uPtr; // This is set externally to an instance of this base class - NetworkController* restrict localNetworkController; + NetworkController *restrict localNetworkController; - Store* restrict store; - TinyMap >* restrict networks; - Trace* restrict t; - Expect* restrict expect; - VL2* restrict vl2; - VL1* restrict vl1; - Topology* restrict topology; - SelfAwareness* restrict sa; - TrustStore* restrict ts; + Store *restrict store; + TinyMap> *restrict networks; + Trace *restrict t; + Expect *restrict expect; + VL2 *restrict vl2; + VL1 *restrict vl1; + Topology *restrict topology; + SelfAwareness *restrict sa; + TrustStore *restrict ts; // This node's identity and string representations thereof Identity identity; diff --git a/core/Credential.cpp b/core/Credential.cpp index 88aaa8aa5..f91f03ced 100644 --- a/core/Credential.cpp +++ b/core/Credential.cpp @@ -43,24 +43,28 @@ namespace ZeroTier { -template static ZT_INLINE Credential::VerifyResult p_credVerify(const Context& ctx, const CallContext& cc, CRED credential) +template +static ZT_INLINE Credential::VerifyResult p_credVerify(const Context &ctx, const CallContext &cc, CRED credential) { uint8_t tmp[ZT_BUF_MEM_SIZE + 16]; const Address signedBy(credential.signer()); const uint64_t networkId = credential.networkId(); - if ((! signedBy) || (signedBy != Network::controllerFor(networkId))) + if ((!signedBy) || (signedBy != Network::controllerFor(networkId))) return Credential::VERIFY_BAD_SIGNATURE; const SharedPtr peer(ctx.topology->peer(cc, signedBy)); - if (! peer) + if (!peer) return Credential::VERIFY_NEED_IDENTITY; try { int l = credential.marshal(tmp, true); if (l <= 0) return Credential::VERIFY_BAD_SIGNATURE; - return (peer->identity().verify(tmp, (unsigned int)l, credential.signature(), credential.signatureLength()) ? Credential::VERIFY_OK : Credential::VERIFY_BAD_SIGNATURE); + return ( + peer->identity().verify(tmp, (unsigned int)l, credential.signature(), credential.signatureLength()) + ? Credential::VERIFY_OK + : Credential::VERIFY_BAD_SIGNATURE); } catch (...) { } @@ -68,41 +72,48 @@ template static ZT_INLINE Credential::VerifyResult p_credVerify( return Credential::VERIFY_BAD_SIGNATURE; } -Credential::VerifyResult Credential::s_verify(const Context& ctx, const CallContext& cc, const RevocationCredential& credential) +Credential::VerifyResult +Credential::s_verify(const Context &ctx, const CallContext &cc, const RevocationCredential &credential) { return p_credVerify(ctx, cc, credential); } -Credential::VerifyResult Credential::s_verify(const Context& ctx, const CallContext& cc, const TagCredential& credential) +Credential::VerifyResult +Credential::s_verify(const Context &ctx, const CallContext &cc, const TagCredential &credential) { return p_credVerify(ctx, cc, credential); } -Credential::VerifyResult Credential::s_verify(const Context& ctx, const CallContext& cc, const CapabilityCredential& credential) +Credential::VerifyResult +Credential::s_verify(const Context &ctx, const CallContext &cc, const CapabilityCredential &credential) { return p_credVerify(ctx, cc, credential); } -Credential::VerifyResult Credential::s_verify(const Context& ctx, const CallContext& cc, const OwnershipCredential& credential) +Credential::VerifyResult +Credential::s_verify(const Context &ctx, const CallContext &cc, const OwnershipCredential &credential) { return p_credVerify(ctx, cc, credential); } -Credential::VerifyResult Credential::s_verify(const Context& ctx, const CallContext& cc, const MembershipCredential& credential) +Credential::VerifyResult +Credential::s_verify(const Context &ctx, const CallContext &cc, const MembershipCredential &credential) { // Sanity check network ID. - if ((! credential.m_signedBy) || (credential.m_signedBy != Network::controllerFor(credential.m_networkId))) + if ((!credential.m_signedBy) || (credential.m_signedBy != Network::controllerFor(credential.m_networkId))) return Credential::VERIFY_BAD_SIGNATURE; // If we don't know the peer, get its identity. This shouldn't happen here but should be handled. const SharedPtr peer(ctx.topology->peer(cc, credential.m_signedBy)); - if (! peer) + if (!peer) return Credential::VERIFY_NEED_IDENTITY; // Now verify the controller's signature. uint64_t buf[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX / 8]; const unsigned int bufSize = credential.m_fillSigningBuf(buf); - return peer->identity().verify(buf, bufSize, credential.m_signature, credential.m_signatureLength) ? Credential::VERIFY_OK : Credential::VERIFY_BAD_SIGNATURE; + return peer->identity().verify(buf, bufSize, credential.m_signature, credential.m_signatureLength) + ? Credential::VERIFY_OK + : Credential::VERIFY_BAD_SIGNATURE; } } // namespace ZeroTier diff --git a/core/Credential.hpp b/core/Credential.hpp index d3fc92185..8361dac04 100644 --- a/core/Credential.hpp +++ b/core/Credential.hpp @@ -43,11 +43,11 @@ class Credential : public TriviallyCopyable { enum VerifyResult { VERIFY_OK = 0, VERIFY_BAD_SIGNATURE = 1, VERIFY_NEED_IDENTITY = 2 }; protected: - static VerifyResult s_verify(const Context& ctx, const CallContext& cc, const MembershipCredential& credential); - static VerifyResult s_verify(const Context& ctx, const CallContext& cc, const RevocationCredential& credential); - static VerifyResult s_verify(const Context& ctx, const CallContext& cc, const TagCredential& credential); - static VerifyResult s_verify(const Context& ctx, const CallContext& cc, const OwnershipCredential& credential); - static VerifyResult s_verify(const Context& ctx, const CallContext& cc, const CapabilityCredential& credential); + static VerifyResult s_verify(const Context &ctx, const CallContext &cc, const MembershipCredential &credential); + static VerifyResult s_verify(const Context &ctx, const CallContext &cc, const RevocationCredential &credential); + static VerifyResult s_verify(const Context &ctx, const CallContext &cc, const TagCredential &credential); + static VerifyResult s_verify(const Context &ctx, const CallContext &cc, const OwnershipCredential &credential); + static VerifyResult s_verify(const Context &ctx, const CallContext &cc, const CapabilityCredential &credential); }; } // namespace ZeroTier diff --git a/core/Defaults.cpp b/core/Defaults.cpp index 7fd55d67f..f9b66b815 100644 --- a/core/Defaults.cpp +++ b/core/Defaults.cpp @@ -16,7 +16,7 @@ namespace ZeroTier { namespace Defaults { -const uint8_t* CERTIFICATE[DEFAULT_CERTIFICATE_COUNT] = {}; +const uint8_t *CERTIFICATE[DEFAULT_CERTIFICATE_COUNT] = {}; unsigned int CERTIFICATE_SIZE[DEFAULT_CERTIFICATE_COUNT] = {}; diff --git a/core/Defaults.hpp b/core/Defaults.hpp index d65e0b9d6..53540a7b7 100644 --- a/core/Defaults.hpp +++ b/core/Defaults.hpp @@ -21,7 +21,7 @@ namespace Defaults { #define DEFAULT_CERTIFICATE_COUNT 0 -extern const uint8_t* CERTIFICATE[DEFAULT_CERTIFICATE_COUNT]; +extern const uint8_t *CERTIFICATE[DEFAULT_CERTIFICATE_COUNT]; extern unsigned int CERTIFICATE_SIZE[DEFAULT_CERTIFICATE_COUNT]; } // namespace Defaults diff --git a/core/Defragmenter.hpp b/core/Defragmenter.hpp index 8425b7f01..91d4a12eb 100644 --- a/core/Defragmenter.hpp +++ b/core/Defragmenter.hpp @@ -46,7 +46,10 @@ namespace ZeroTier { * @tparam GCT Garbage collection trigger threshold, usually 2X GCS (default: ZT_MAX_PACKET_FRAGMENTS * 4) * @tparam P Type for pointer to a path object (default: SharedPtr) */ -template > +template < + unsigned int MF = ZT_MAX_PACKET_FRAGMENTS, unsigned int MFP = ZT_MAX_INCOMING_FRAGMENTS_PER_PATH, + unsigned int GCS = (ZT_MAX_PACKET_FRAGMENTS * 2), unsigned int GCT = (ZT_MAX_PACKET_FRAGMENTS * 4), + typename P = SharedPtr> class Defragmenter { public: /** @@ -90,9 +93,7 @@ class Defragmenter { ERR_OUT_OF_MEMORY }; - ZT_INLINE Defragmenter() - { - } + ZT_INLINE Defragmenter() {} /** * Process a fragment of a multi-part message @@ -136,15 +137,9 @@ class Defragmenter { * @return Result code */ ZT_INLINE ResultCode assemble( - const uint64_t messageId, - FCV& message, - SharedPtr& fragment, - const unsigned int fragmentDataIndex, - const unsigned int fragmentDataSize, - const unsigned int fragmentNo, - const unsigned int totalFragmentsExpected, - const int64_t ts, - const P& via) + const uint64_t messageId, FCV &message, SharedPtr &fragment, + const unsigned int fragmentDataIndex, const unsigned int fragmentDataSize, const unsigned int fragmentNo, + const unsigned int totalFragmentsExpected, const int64_t ts, const P &via) { // Sanity checks for malformed fragments or invalid input parameters. if ((fragmentNo >= totalFragmentsExpected) || (totalFragmentsExpected > MF) || (totalFragmentsExpected == 0)) @@ -162,7 +157,7 @@ class Defragmenter { // under the target size. This tries to minimize the amount of time the write // lock is held since many threads can hold the read lock but all threads must // wait if someone holds the write lock. - std::vector > messagesByLastUsedTime; + std::vector> messagesByLastUsedTime; messagesByLastUsedTime.reserve(m_messages.size()); for (typename Map::const_iterator i(m_messages.begin()); i != m_messages.end(); ++i) @@ -179,7 +174,7 @@ class Defragmenter { } // Get or create message fragment. - Defragmenter::p_E* e; + Defragmenter::p_E *e; { typename Map::p_E>::iterator ee(m_messages.find(messageId)); if (ee == m_messages.end()) { @@ -218,8 +213,8 @@ class Defragmenter { // If there is a path associated with this fragment make sure we've registered // ourselves as in flight, check the limit, and abort if exceeded. - if ((via) && (! e->via)) { - e->via = via; + if ((via) && (!e->via)) { + e->via = via; bool tooManyPerPath = false; via->m_inboundFragmentedMessages_l.lock(); try { @@ -245,7 +240,7 @@ class Defragmenter { // data would just mean the transfer is corrupt and would be detected // later e.g. by packet MAC check. Other use cases of this code like // network configs check each fragment so this basically can't happen. - Buf::Slice& s = e->message.at(fragmentNo); + Buf::Slice &s = e->message.at(fragmentNo); if (s.b) return ERR_DUPLICATE_FRAGMENT; @@ -299,15 +294,9 @@ class Defragmenter { private: // p_E is an entry in the message queue. struct p_E { - ZT_INLINE p_E() noexcept - : id(0) - , lastUsed(0) - , totalFragmentsExpected(0) - , fragmentsReceived(0) - { - } + ZT_INLINE p_E() noexcept : id(0), lastUsed(0), totalFragmentsExpected(0), fragmentsReceived(0) {} - ZT_INLINE p_E(const p_E& e) noexcept + ZT_INLINE p_E(const p_E &e) noexcept : id(e.id) , lastUsed(e.lastUsed) , totalFragmentsExpected(e.totalFragmentsExpected) @@ -327,15 +316,15 @@ class Defragmenter { } } - ZT_INLINE p_E& operator=(const p_E& e) + ZT_INLINE p_E &operator=(const p_E &e) { if (this != &e) { - id = e.id; - lastUsed = e.lastUsed; + id = e.id; + lastUsed = e.lastUsed; totalFragmentsExpected = e.totalFragmentsExpected; - fragmentsReceived = e.fragmentsReceived; - via = e.via; - message = e.message; + fragmentsReceived = e.fragmentsReceived; + via = e.via; + message = e.message; } return *this; } diff --git a/core/Dictionary.cpp b/core/Dictionary.cpp index e27cc11bf..e9a31183a 100644 --- a/core/Dictionary.cpp +++ b/core/Dictionary.cpp @@ -15,28 +15,25 @@ namespace ZeroTier { -Vector& Dictionary::operator[](const char* const k) -{ - return m_entries[k]; -} +Vector &Dictionary::operator[](const char *const k) { return m_entries[k]; } -const Vector& Dictionary::operator[](const char* const k) const +const Vector &Dictionary::operator[](const char *const k) const { static const Vector s_emptyEntry; - const SortedMap >::const_iterator e(m_entries.find(k)); + const SortedMap>::const_iterator e(m_entries.find(k)); return (e == m_entries.end()) ? s_emptyEntry : e->second; } -void Dictionary::add(const char* k, const Address& v) +void Dictionary::add(const char *k, const Address &v) { char tmp[ZT_ADDRESS_STRING_SIZE_MAX]; v.toString(tmp); add(k, tmp); } -void Dictionary::add(const char* k, const char* v) +void Dictionary::add(const char *k, const char *v) { - Vector& e = (*this)[k]; + Vector &e = (*this)[k]; e.clear(); if (v) { while (*v) @@ -44,18 +41,18 @@ void Dictionary::add(const char* k, const char* v) } } -void Dictionary::add(const char* k, const void* data, unsigned int len) +void Dictionary::add(const char *k, const void *data, unsigned int len) { - Vector& e = (*this)[k]; + Vector &e = (*this)[k]; if (likely(len != 0)) { - e.assign((const uint8_t*)data, (const uint8_t*)data + len); + e.assign((const uint8_t *)data, (const uint8_t *)data + len); } else { e.clear(); } } -uint64_t Dictionary::getUI(const char* k, uint64_t dfl) const +uint64_t Dictionary::getUI(const char *k, uint64_t dfl) const { char tmp[32]; getS(k, tmp, sizeof(tmp)); @@ -64,12 +61,12 @@ uint64_t Dictionary::getUI(const char* k, uint64_t dfl) const return dfl; } -char* Dictionary::getS(const char* k, char* v, const unsigned int cap) const +char *Dictionary::getS(const char *k, char *v, const unsigned int cap) const { if (cap == 0) // sanity check return v; - const Vector& e = (*this)[k]; + const Vector &e = (*this)[k]; if (e.empty()) { v[0] = 0; return v; @@ -87,15 +84,12 @@ char* Dictionary::getS(const char* k, char* v, const unsigned int cap) const return v; } -void Dictionary::clear() -{ - m_entries.clear(); -} +void Dictionary::clear() { m_entries.clear(); } -void Dictionary::encode(Vector& out) const +void Dictionary::encode(Vector &out) const { out.clear(); - for (SortedMap >::const_iterator ti(m_entries.begin()); ti != m_entries.end(); ++ti) { + for (SortedMap>::const_iterator ti(m_entries.begin()); ti != m_entries.end(); ++ti) { s_appendKey(out, ti->first.data()); for (Vector::const_iterator i(ti->second.begin()); i != ti->second.end(); ++i) s_appendValueByte(out, *i); @@ -103,34 +97,24 @@ void Dictionary::encode(Vector& out) const } } -bool Dictionary::decode(const void* data, unsigned int len) +bool Dictionary::decode(const void *data, unsigned int len) { clear(); String k; - Vector* v = nullptr; - bool escape = false; + Vector *v = nullptr; + bool escape = false; for (unsigned int di = 0; di < len; ++di) { - const uint8_t c = reinterpret_cast(data)[di]; + const uint8_t c = reinterpret_cast(data)[di]; if (c) { if (v) { if (escape) { escape = false; switch (c) { - case 48: - v->push_back(0); - break; - case 101: - v->push_back(61); - break; - case 110: - v->push_back(10); - break; - case 114: - v->push_back(13); - break; - default: - v->push_back(c); - break; + case 48: v->push_back(0); break; + case 101: v->push_back(61); break; + case 110: v->push_back(10); break; + case 114: v->push_back(13); break; + default: v->push_back(c); break; } } else { @@ -162,7 +146,7 @@ bool Dictionary::decode(const void* data, unsigned int len) return true; } -char* Dictionary::arraySubscript(char* buf, unsigned int bufSize, const char* name, const unsigned long sub) noexcept +char *Dictionary::arraySubscript(char *buf, unsigned int bufSize, const char *name, const unsigned long sub) noexcept { if (bufSize < 17) { // sanity check buf[0] = 0; diff --git a/core/Dictionary.hpp b/core/Dictionary.hpp index ecfa7a2e3..bd8143e7c 100644 --- a/core/Dictionary.hpp +++ b/core/Dictionary.hpp @@ -39,15 +39,11 @@ class Identity; */ class Dictionary { public: - typedef SortedMap >::const_iterator const_iterator; + typedef SortedMap>::const_iterator const_iterator; - ZT_INLINE Dictionary() - { - } + ZT_INLINE Dictionary() {} - ZT_INLINE ~Dictionary() - { - } + ZT_INLINE ~Dictionary() {} /* ZT_INLINE void dump() const @@ -82,7 +78,7 @@ class Dictionary { * @param k Key to look up * @return Reference to value */ - Vector& operator[](const char* k); + Vector &operator[](const char *k); /** * Get a const reference to a value @@ -90,23 +86,17 @@ class Dictionary { * @param k Key to look up * @return Reference to value or to empty vector if not found */ - const Vector& operator[](const char* k) const; + const Vector &operator[](const char *k) const; /** * @return Start of key->value pairs */ - ZT_INLINE const_iterator begin() const noexcept - { - return m_entries.begin(); - } + ZT_INLINE const_iterator begin() const noexcept { return m_entries.begin(); } /** * @return End of key->value pairs */ - ZT_INLINE const_iterator end() const noexcept - { - return m_entries.end(); - } + ZT_INLINE const_iterator end() const noexcept { return m_entries.end(); } /** * Add an integer as a hexadecimal string value @@ -114,7 +104,7 @@ class Dictionary { * @param k Key to set * @param v Integer to set, will be cast to uint64_t and stored as hex */ - ZT_INLINE void add(const char* const k, const uint64_t v) + ZT_INLINE void add(const char *const k, const uint64_t v) { char buf[24]; add(k, Utils::hex((uint64_t)(v), buf)); @@ -126,7 +116,7 @@ class Dictionary { * @param k Key to set * @param v Integer to set, will be cast to uint64_t and stored as hex */ - ZT_INLINE void add(const char* const k, const int64_t v) + ZT_INLINE void add(const char *const k, const int64_t v) { char buf[24]; add(k, Utils::hex((uint64_t)(v), buf)); @@ -135,17 +125,17 @@ class Dictionary { /** * Add an address in 10-digit hex string format */ - void add(const char* k, const Address& v); + void add(const char *k, const Address &v); /** * Add a C string as a value */ - void add(const char* k, const char* v); + void add(const char *k, const char *v); /** * Add a binary blob as a value */ - void add(const char* k, const void* data, unsigned int len); + void add(const char *k, const void *data, unsigned int len); /** * Get an integer @@ -154,7 +144,7 @@ class Dictionary { * @param dfl Default value (default: 0) * @return Value of key or default if not found */ - uint64_t getUI(const char* k, uint64_t dfl = 0) const; + uint64_t getUI(const char *k, uint64_t dfl = 0) const; /** * Get a C string @@ -166,7 +156,7 @@ class Dictionary { * @param v Buffer to hold string * @param cap Maximum size of string (including terminating null) */ - char* getS(const char* k, char* v, unsigned int cap) const; + char *getS(const char *k, char *v, unsigned int cap) const; /** * Get an object supporting the marshal/unmarshal interface pattern @@ -176,9 +166,9 @@ class Dictionary { * @param obj Object to unmarshal() into * @return True if unmarshal was successful */ - template ZT_INLINE bool getO(const char* k, T& obj) const + template ZT_INLINE bool getO(const char *k, T &obj) const { - const Vector& d = (*this)[k]; + const Vector &d = (*this)[k]; if (d.empty()) return false; return (obj.unmarshal(d.data(), (unsigned int)d.size()) > 0); @@ -192,9 +182,9 @@ class Dictionary { * @param obj Object to marshal() into vector * @return True if successful */ - template ZT_INLINE bool addO(const char* k, T& obj) + template ZT_INLINE bool addO(const char *k, T &obj) { - Vector& d = (*this)[k]; + Vector &d = (*this)[k]; d.resize(T::marshalSizeMax()); const int l = obj.marshal(d.data()); if (l > 0) { @@ -213,25 +203,19 @@ class Dictionary { /** * @return Number of entries */ - ZT_INLINE unsigned int size() const noexcept - { - return (unsigned int)m_entries.size(); - } + ZT_INLINE unsigned int size() const noexcept { return (unsigned int)m_entries.size(); } /** * @return True if dictionary is not empty */ - ZT_INLINE bool empty() const noexcept - { - return m_entries.empty(); - } + ZT_INLINE bool empty() const noexcept { return m_entries.empty(); } /** * Encode to a string in the supplied vector * * @param out String encoded dictionary */ - void encode(Vector& out) const; + void encode(Vector &out) const; /** * Decode a string encoded dictionary @@ -243,7 +227,7 @@ class Dictionary { * @param len Length of data * @return True if dictionary was formatted correctly and valid, false on error */ - bool decode(const void* data, unsigned int len); + bool decode(const void *data, unsigned int len); /** * Append a key=value pair to a buffer (vector or FCV) @@ -252,7 +236,7 @@ class Dictionary { * @param k Key (must be <= 8 characters) * @param v Value */ - template ZT_INLINE static void append(V& out, const char* const k, const bool v) + template ZT_INLINE static void append(V &out, const char *const k, const bool v) { s_appendKey(out, k); out.push_back((uint8_t)(v ? '1' : '0')); @@ -266,7 +250,7 @@ class Dictionary { * @param k Key (must be <= 8 characters) * @param v Value */ - template ZT_INLINE static void append(V& out, const char* const k, const Address v) + template ZT_INLINE static void append(V &out, const char *const k, const Address v) { s_appendKey(out, k); const uint64_t a = v.toInt(); @@ -291,7 +275,7 @@ class Dictionary { * @param k Key (must be <= 8 characters) * @param v Value */ - template ZT_INLINE static void append(V& out, const char* const k, const uint64_t v) + template ZT_INLINE static void append(V &out, const char *const k, const uint64_t v) { s_appendKey(out, k); char buf[17]; @@ -302,37 +286,37 @@ class Dictionary { out.push_back((uint8_t)'\n'); } - template ZT_INLINE static void append(V& out, const char* const k, const int64_t v) + template ZT_INLINE static void append(V &out, const char *const k, const int64_t v) { append(out, k, (uint64_t)v); } - template ZT_INLINE static void append(V& out, const char* const k, const uint32_t v) + template ZT_INLINE static void append(V &out, const char *const k, const uint32_t v) { append(out, k, (uint64_t)v); } - template ZT_INLINE static void append(V& out, const char* const k, const int32_t v) + template ZT_INLINE static void append(V &out, const char *const k, const int32_t v) { append(out, k, (uint64_t)v); } - template ZT_INLINE static void append(V& out, const char* const k, const uint16_t v) + template ZT_INLINE static void append(V &out, const char *const k, const uint16_t v) { append(out, k, (uint64_t)v); } - template ZT_INLINE static void append(V& out, const char* const k, const int16_t v) + template ZT_INLINE static void append(V &out, const char *const k, const int16_t v) { append(out, k, (uint64_t)v); } - template ZT_INLINE static void append(V& out, const char* const k, const uint8_t v) + template ZT_INLINE static void append(V &out, const char *const k, const uint8_t v) { append(out, k, (uint64_t)v); } - template ZT_INLINE static void append(V& out, const char* const k, const int8_t v) + template ZT_INLINE static void append(V &out, const char *const k, const int8_t v) { append(out, k, (uint64_t)v); } @@ -344,7 +328,7 @@ class Dictionary { * @param k Key (must be <= 8 characters) * @param v Value */ - template ZT_INLINE static void append(V& out, const char* const k, const char* v) + template ZT_INLINE static void append(V &out, const char *const k, const char *v) { if ((v) && (*v)) { s_appendKey(out, k); @@ -362,11 +346,12 @@ class Dictionary { * @param v Value * @param vlen Value length in bytes */ - template ZT_INLINE static void append(V& out, const char* const k, const void* const v, const unsigned int vlen) + template + ZT_INLINE static void append(V &out, const char *const k, const void *const v, const unsigned int vlen) { s_appendKey(out, k); for (unsigned int i = 0; i < vlen; ++i) - s_appendValueByte(out, reinterpret_cast(v)[i]); + s_appendValueByte(out, reinterpret_cast(v)[i]); out.push_back((uint8_t)'\n'); } @@ -377,7 +362,7 @@ class Dictionary { * @param k Key (must be <= 8 characters) * @param pid Packet ID */ - template static ZT_INLINE void appendPacketId(V& out, const char* const k, const uint64_t pid) + template static ZT_INLINE void appendPacketId(V &out, const char *const k, const uint64_t pid) { append(out, k, &pid, 8); } @@ -390,7 +375,7 @@ class Dictionary { * @param v Marshal-able object * @return Bytes appended or negative on error (return value of marshal()) */ - template static ZT_INLINE int appendObject(V& out, const char* const k, const T& v) + template static ZT_INLINE int appendObject(V &out, const char *const k, const T &v) { uint8_t tmp[2048]; // large enough for any current object if (T::marshalSizeMax() > sizeof(tmp)) @@ -409,10 +394,10 @@ class Dictionary { * @param sub Subscript index * @return Pointer to 'buf' */ - static char* arraySubscript(char* buf, unsigned int bufSize, const char* name, const unsigned long sub) noexcept; + static char *arraySubscript(char *buf, unsigned int bufSize, const char *name, const unsigned long sub) noexcept; private: - template ZT_INLINE static void s_appendValueByte(V& out, const uint8_t c) + template ZT_INLINE static void s_appendValueByte(V &out, const uint8_t c) { switch (c) { case 0: @@ -435,13 +420,11 @@ class Dictionary { out.push_back(92); out.push_back(92); break; - default: - out.push_back(c); - break; + default: out.push_back(c); break; } } - template ZT_INLINE static void s_appendKey(V& out, const char* k) + template ZT_INLINE static void s_appendKey(V &out, const char *k) { for (;;) { const char c = *(k++); @@ -455,7 +438,7 @@ class Dictionary { // Dictionary maps need to be sorted so that they always encode in the same order // to yield blobs that can be hashed and signed reproducibly. Other than for areas // where dictionaries are signed and verified the order doesn't matter. - SortedMap > m_entries; + SortedMap> m_entries; }; } // namespace ZeroTier diff --git a/core/ECC384.hpp b/core/ECC384.hpp index 1b4531da4..3c04d1da0 100644 --- a/core/ECC384.hpp +++ b/core/ECC384.hpp @@ -77,7 +77,9 @@ void ECC384GenerateKey(uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE], uint8_t priv[ZT_E * @param hash 48-byte hash * @param sig Buffer to receive signature */ -void ECC384ECDSASign(const uint8_t priv[ZT_ECC384_PRIVATE_KEY_SIZE], const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE], uint8_t sig[ZT_ECC384_SIGNATURE_SIZE]); +void ECC384ECDSASign( + const uint8_t priv[ZT_ECC384_PRIVATE_KEY_SIZE], const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE], + uint8_t sig[ZT_ECC384_SIGNATURE_SIZE]); /** * Verify a signature @@ -87,7 +89,9 @@ void ECC384ECDSASign(const uint8_t priv[ZT_ECC384_PRIVATE_KEY_SIZE], const uint8 * @param sig Signature to check * @return True if signature is valid */ -bool ECC384ECDSAVerify(const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE], const uint8_t sig[ZT_ECC384_SIGNATURE_SIZE]); +bool ECC384ECDSAVerify( + const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t hash[ZT_ECC384_SIGNATURE_HASH_SIZE], + const uint8_t sig[ZT_ECC384_SIGNATURE_SIZE]); /** * Perform ECDH key agreement @@ -99,7 +103,9 @@ bool ECC384ECDSAVerify(const uint8_t pub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8 * @param ourPriv Local private key * @param secret Buffer to receive 48-byte secret */ -bool ECC384ECDH(const uint8_t theirPub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t ourPriv[ZT_ECC384_PRIVATE_KEY_SIZE], uint8_t secret[ZT_ECC384_SHARED_SECRET_SIZE]); +bool ECC384ECDH( + const uint8_t theirPub[ZT_ECC384_PUBLIC_KEY_SIZE], const uint8_t ourPriv[ZT_ECC384_PRIVATE_KEY_SIZE], + uint8_t secret[ZT_ECC384_SHARED_SECRET_SIZE]); } // namespace ZeroTier diff --git a/core/Endpoint.cpp b/core/Endpoint.cpp index 249b343fe..0b9f15faf 100644 --- a/core/Endpoint.cpp +++ b/core/Endpoint.cpp @@ -20,52 +20,34 @@ namespace ZeroTier { static ZT_INLINE char s_endpointTypeChar(const ZT_EndpointType t) { switch (t) { - default: - return '0'; - case ZT_ENDPOINT_TYPE_ZEROTIER: - return 'z'; - case ZT_ENDPOINT_TYPE_ETHERNET: - return 'e'; - case ZT_ENDPOINT_TYPE_WIFI_DIRECT: - return 'd'; - case ZT_ENDPOINT_TYPE_BLUETOOTH: - return 'b'; - case ZT_ENDPOINT_TYPE_IP: - return 'i'; - case ZT_ENDPOINT_TYPE_IP_UDP: - return 'u'; - case ZT_ENDPOINT_TYPE_IP_TCP: - return 't'; - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return 'w'; + default: return '0'; + case ZT_ENDPOINT_TYPE_ZEROTIER: return 'z'; + case ZT_ENDPOINT_TYPE_ETHERNET: return 'e'; + case ZT_ENDPOINT_TYPE_WIFI_DIRECT: return 'd'; + case ZT_ENDPOINT_TYPE_BLUETOOTH: return 'b'; + case ZT_ENDPOINT_TYPE_IP: return 'i'; + case ZT_ENDPOINT_TYPE_IP_UDP: return 'u'; + case ZT_ENDPOINT_TYPE_IP_TCP: return 't'; + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return 'w'; } } static ZT_INLINE ZT_EndpointType s_charEndpointType(const char c) { switch (c) { - default: - return ZT_ENDPOINT_TYPE_NIL; - case 'z': - return ZT_ENDPOINT_TYPE_ZEROTIER; - case 'e': - return ZT_ENDPOINT_TYPE_ETHERNET; - case 'd': - return ZT_ENDPOINT_TYPE_WIFI_DIRECT; - case 'b': - return ZT_ENDPOINT_TYPE_BLUETOOTH; - case 'i': - return ZT_ENDPOINT_TYPE_IP; - case 'u': - return ZT_ENDPOINT_TYPE_IP_UDP; - case 't': - return ZT_ENDPOINT_TYPE_IP_TCP; - case 'w': - return ZT_ENDPOINT_TYPE_IP_TCP_WS; + default: return ZT_ENDPOINT_TYPE_NIL; + case 'z': return ZT_ENDPOINT_TYPE_ZEROTIER; + case 'e': return ZT_ENDPOINT_TYPE_ETHERNET; + case 'd': return ZT_ENDPOINT_TYPE_WIFI_DIRECT; + case 'b': return ZT_ENDPOINT_TYPE_BLUETOOTH; + case 'i': return ZT_ENDPOINT_TYPE_IP; + case 'u': return ZT_ENDPOINT_TYPE_IP_UDP; + case 't': return ZT_ENDPOINT_TYPE_IP_TCP; + case 'w': return ZT_ENDPOINT_TYPE_IP_TCP_WS; } } -char* Endpoint::toString(char s[ZT_ENDPOINT_STRING_SIZE_MAX]) const noexcept +char *Endpoint::toString(char s[ZT_ENDPOINT_STRING_SIZE_MAX]) const noexcept { static_assert(ZT_ENDPOINT_STRING_SIZE_MAX > (ZT_INETADDRESS_STRING_SIZE_MAX + 4), "overflow"); static_assert(ZT_ENDPOINT_STRING_SIZE_MAX > (ZT_FINGERPRINT_STRING_SIZE_MAX + 4), "overflow"); @@ -97,10 +79,10 @@ char* Endpoint::toString(char s[ZT_ENDPOINT_STRING_SIZE_MAX]) const noexcept return s; } -bool Endpoint::fromString(const char* s) noexcept +bool Endpoint::fromString(const char *s) noexcept { memoryZero(this); - if ((! s) || (! *s)) { + if ((!s) || (!*s)) { // Empty strings are considered NIL endpoints. return true; } @@ -108,16 +90,15 @@ bool Endpoint::fromString(const char* s) noexcept // type/ADDRESS is a fully qualified endpoint. this->type = s_charEndpointType(s[0]); switch (this->type) { - case ZT_ENDPOINT_TYPE_NIL: - break; + case ZT_ENDPOINT_TYPE_NIL: break; case ZT_ENDPOINT_TYPE_ZEROTIER: - if (! s[2]) + if (!s[2]) return false; break; case ZT_ENDPOINT_TYPE_ETHERNET: case ZT_ENDPOINT_TYPE_WIFI_DIRECT: case ZT_ENDPOINT_TYPE_BLUETOOTH: { - if (! s[2]) + if (!s[2]) return false; MAC tmpmac; tmpmac.fromString(s + 2); @@ -127,9 +108,9 @@ bool Endpoint::fromString(const char* s) noexcept case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: case ZT_ENDPOINT_TYPE_IP_TCP_WS: { - if (! s[2]) + if (!s[2]) return false; - if (! asInetAddress(this->value.ss).fromString(s + 2)) + if (!asInetAddress(this->value.ss).fromString(s + 2)) return false; } break; } @@ -176,7 +157,7 @@ int Endpoint::marshal(uint8_t data[ZT_ENDPOINT_MARSHAL_SIZE_MAX]) const noexcept } } -int Endpoint::unmarshal(const uint8_t* restrict data, int len) noexcept +int Endpoint::unmarshal(const uint8_t *restrict data, int len) noexcept { memoryZero(this); if (unlikely(len <= 0)) @@ -189,19 +170,15 @@ int Endpoint::unmarshal(const uint8_t* restrict data, int len) noexcept if (data[0] < 16) { switch (data[0]) { - case 0: - return 1; + case 0: return 1; case 4: - case 6: - this->type = ZT_ENDPOINT_TYPE_IP_UDP; - return asInetAddress(this->value.ss).unmarshal(data, len); + case 6: this->type = ZT_ENDPOINT_TYPE_IP_UDP; return asInetAddress(this->value.ss).unmarshal(data, len); } return -1; } switch ((this->type = (ZT_EndpointType)(data[0] - 16))) { - case ZT_ENDPOINT_TYPE_NIL: - return 1; + case ZT_ENDPOINT_TYPE_NIL: return 1; case ZT_ENDPOINT_TYPE_ZEROTIER: if (len >= (1 + ZT_ADDRESS_LENGTH + ZT_FINGERPRINT_HASH_SIZE)) { @@ -225,11 +202,9 @@ int Endpoint::unmarshal(const uint8_t* restrict data, int len) noexcept case ZT_ENDPOINT_TYPE_IP: case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return asInetAddress(this->value.ss).unmarshal(data + 1, len - 1); + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return asInetAddress(this->value.ss).unmarshal(data + 1, len - 1); - default: - break; + default: break; } // Unrecognized types can still be passed over in a valid stream if they are @@ -242,45 +217,37 @@ int Endpoint::unmarshal(const uint8_t* restrict data, int len) noexcept return (unrecLen > len) ? -1 : unrecLen; } -bool Endpoint::operator==(const Endpoint& ep) const noexcept +bool Endpoint::operator==(const Endpoint &ep) const noexcept { if (this->type == ep.type) { switch (this->type) { - case ZT_ENDPOINT_TYPE_ZEROTIER: - return zt() == ep.zt(); + case ZT_ENDPOINT_TYPE_ZEROTIER: return zt() == ep.zt(); case ZT_ENDPOINT_TYPE_ETHERNET: case ZT_ENDPOINT_TYPE_WIFI_DIRECT: - case ZT_ENDPOINT_TYPE_BLUETOOTH: - return this->value.mac == ep.value.mac; + case ZT_ENDPOINT_TYPE_BLUETOOTH: return this->value.mac == ep.value.mac; case ZT_ENDPOINT_TYPE_IP: case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return ip() == ep.ip(); - default: - return true; + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return ip() == ep.ip(); + default: return true; } } return false; } -bool Endpoint::operator<(const Endpoint& ep) const noexcept +bool Endpoint::operator<(const Endpoint &ep) const noexcept { if (this->type == ep.type) { switch (this->type) { - case ZT_ENDPOINT_TYPE_ZEROTIER: - return zt() < ep.zt(); + case ZT_ENDPOINT_TYPE_ZEROTIER: return zt() < ep.zt(); case ZT_ENDPOINT_TYPE_ETHERNET: case ZT_ENDPOINT_TYPE_WIFI_DIRECT: - case ZT_ENDPOINT_TYPE_BLUETOOTH: - return this->value.mac < ep.value.mac; + case ZT_ENDPOINT_TYPE_BLUETOOTH: return this->value.mac < ep.value.mac; case ZT_ENDPOINT_TYPE_IP: case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return ip() < ep.ip(); - default: - return true; + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return ip() < ep.ip(); + default: return true; } } return (int)this->type < (int)ep.type; diff --git a/core/Endpoint.hpp b/core/Endpoint.hpp index 9fbbbfc52..b507115fb 100644 --- a/core/Endpoint.hpp +++ b/core/Endpoint.hpp @@ -27,11 +27,16 @@ namespace ZeroTier { -static_assert((ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > ZT_INETADDRESS_MARSHAL_SIZE_MAX, "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); -static_assert((ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(ZT_Fingerprint), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); -static_assert((ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(InetAddress), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); +static_assert( + (ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > ZT_INETADDRESS_MARSHAL_SIZE_MAX, + "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); +static_assert( + (ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(ZT_Fingerprint), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); +static_assert( + (ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(InetAddress), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); static_assert((ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(MAC), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); -static_assert((ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(Fingerprint), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); +static_assert( + (ZT_ENDPOINT_MARSHAL_SIZE_MAX - 1) > sizeof(Fingerprint), "ZT_ENDPOINT_MARSHAL_SIZE_MAX not large enough"); /** * Endpoint variant specifying some form of network endpoint. @@ -49,15 +54,9 @@ class Endpoint /** * Create a NIL/empty endpoint */ - ZT_INLINE Endpoint() noexcept - { - memoryZero(this); - } + ZT_INLINE Endpoint() noexcept { memoryZero(this); } - ZT_INLINE Endpoint(const ZT_Endpoint& ep) noexcept - { - Utils::copy((ZT_Endpoint*)this, &ep); - } + ZT_INLINE Endpoint(const ZT_Endpoint &ep) noexcept { Utils::copy((ZT_Endpoint *)this, &ep); } /** * Create an endpoint for a type that uses an IP @@ -65,7 +64,7 @@ class Endpoint * @param a IP/port * @param et Endpoint type (default: IP_UDP) */ - ZT_INLINE Endpoint(const InetAddress& inaddr, const ZT_EndpointType et = ZT_ENDPOINT_TYPE_IP_UDP) noexcept + ZT_INLINE Endpoint(const InetAddress &inaddr, const ZT_EndpointType et = ZT_ENDPOINT_TYPE_IP_UDP) noexcept { if (inaddr) { this->type = et; @@ -81,10 +80,10 @@ class Endpoint * * @param zt_ ZeroTier identity fingerprint */ - ZT_INLINE Endpoint(const Fingerprint& zt_) noexcept + ZT_INLINE Endpoint(const Fingerprint &zt_) noexcept { if (zt_) { - this->type = ZT_ENDPOINT_TYPE_ZEROTIER; + this->type = ZT_ENDPOINT_TYPE_ZEROTIER; this->value.fp = zt_; } else { @@ -98,10 +97,10 @@ class Endpoint * @param eth_ Ethernet address * @param et Endpoint type (default: ETHERNET) */ - ZT_INLINE Endpoint(const MAC& eth_, const ZT_EndpointType et = ZT_ENDPOINT_TYPE_ETHERNET) noexcept + ZT_INLINE Endpoint(const MAC ð_, const ZT_EndpointType et = ZT_ENDPOINT_TYPE_ETHERNET) noexcept { if (eth_) { - this->type = et; + this->type = et; this->value.mac = eth_.toInt(); } else { @@ -112,10 +111,7 @@ class Endpoint /** * @return True if endpoint type isn't NIL */ - ZT_INLINE operator bool() const noexcept - { - return this->type != ZT_ENDPOINT_TYPE_NIL; - } + ZT_INLINE operator bool() const noexcept { return this->type != ZT_ENDPOINT_TYPE_NIL; } /** * @return True if this endpoint type has an InetAddress address type and thus ip() is valid @@ -126,10 +122,8 @@ class Endpoint case ZT_ENDPOINT_TYPE_IP: case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return true; - default: - return false; + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return true; + default: return false; } } @@ -142,7 +136,7 @@ class Endpoint * @param ep Endpoint to check * @return True if endpoints seem to refer to the same address/host */ - ZT_INLINE bool isSameAddress(const Endpoint& ep) const noexcept + ZT_INLINE bool isSameAddress(const Endpoint &ep) const noexcept { switch (this->type) { case ZT_ENDPOINT_TYPE_IP: @@ -153,14 +147,11 @@ class Endpoint case ZT_ENDPOINT_TYPE_IP: case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return ip().ipsEqual(ep.ip()); - default: - break; + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return ip().ipsEqual(ep.ip()); + default: break; } break; - default: - break; + default: break; } return (*this) == ep; } @@ -170,51 +161,38 @@ class Endpoint * * @return InetAddress instance */ - ZT_INLINE const InetAddress& ip() const noexcept - { - return asInetAddress(this->value.ss); - } + ZT_INLINE const InetAddress &ip() const noexcept { return asInetAddress(this->value.ss); } /** * Get MAC if this is an Ethernet, WiFi direct, or Bluetooth type (undefined otherwise) * * @return Ethernet MAC */ - ZT_INLINE MAC eth() const noexcept - { - return MAC(this->value.mac); - } + ZT_INLINE MAC eth() const noexcept { return MAC(this->value.mac); } /** * Get fingerprint if this is a ZeroTier endpoint type (undefined otherwise) * * @return ZeroTier fingerprint */ - ZT_INLINE Fingerprint zt() const noexcept - { - return Fingerprint(this->value.fp); - } + ZT_INLINE Fingerprint zt() const noexcept { return Fingerprint(this->value.fp); } ZT_INLINE unsigned long hashCode() const noexcept { switch (this->type) { - default: - return 1; - case ZT_ENDPOINT_TYPE_ZEROTIER: - return (unsigned long)this->value.fp.address; + default: return 1; + case ZT_ENDPOINT_TYPE_ZEROTIER: return (unsigned long)this->value.fp.address; case ZT_ENDPOINT_TYPE_ETHERNET: case ZT_ENDPOINT_TYPE_WIFI_DIRECT: - case ZT_ENDPOINT_TYPE_BLUETOOTH: - return (unsigned long)Utils::hash64(this->value.mac); + case ZT_ENDPOINT_TYPE_BLUETOOTH: return (unsigned long)Utils::hash64(this->value.mac); case ZT_ENDPOINT_TYPE_IP: case ZT_ENDPOINT_TYPE_IP_UDP: case ZT_ENDPOINT_TYPE_IP_TCP: - case ZT_ENDPOINT_TYPE_IP_TCP_WS: - return ip().hashCode(); + case ZT_ENDPOINT_TYPE_IP_TCP_WS: return ip().hashCode(); } } - char* toString(char s[ZT_ENDPOINT_STRING_SIZE_MAX]) const noexcept; + char *toString(char s[ZT_ENDPOINT_STRING_SIZE_MAX]) const noexcept; ZT_INLINE String toString() const { @@ -222,40 +200,25 @@ class Endpoint return String(toString(tmp)); } - bool fromString(const char* s) noexcept; + bool fromString(const char *s) noexcept; - static constexpr int marshalSizeMax() noexcept - { - return ZT_ENDPOINT_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_ENDPOINT_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_ENDPOINT_MARSHAL_SIZE_MAX]) const noexcept; - int unmarshal(const uint8_t* restrict data, int len) noexcept; + int unmarshal(const uint8_t *restrict data, int len) noexcept; - bool operator==(const Endpoint& ep) const noexcept; + bool operator==(const Endpoint &ep) const noexcept; - ZT_INLINE bool operator!=(const Endpoint& ep) const noexcept - { - return ! ((*this) == ep); - } + ZT_INLINE bool operator!=(const Endpoint &ep) const noexcept { return !((*this) == ep); } - bool operator<(const Endpoint& ep) const noexcept; + bool operator<(const Endpoint &ep) const noexcept; - ZT_INLINE bool operator>(const Endpoint& ep) const noexcept - { - return (ep < *this); - } + ZT_INLINE bool operator>(const Endpoint &ep) const noexcept { return (ep < *this); } - ZT_INLINE bool operator<=(const Endpoint& ep) const noexcept - { - return ! (ep < *this); - } + ZT_INLINE bool operator<=(const Endpoint &ep) const noexcept { return !(ep < *this); } - ZT_INLINE bool operator>=(const Endpoint& ep) const noexcept - { - return ! (*this < ep); - } + ZT_INLINE bool operator>=(const Endpoint &ep) const noexcept { return !(*this < ep); } }; static_assert(sizeof(Endpoint) == sizeof(ZT_Endpoint), "size mismatch"); diff --git a/core/Expect.hpp b/core/Expect.hpp index 8488b2e4b..f6cf6f038 100644 --- a/core/Expect.hpp +++ b/core/Expect.hpp @@ -38,9 +38,7 @@ namespace ZeroTier { */ class Expect { public: - ZT_INLINE Expect() : m_packetIdSent() - { - } + ZT_INLINE Expect() : m_packetIdSent() {} /** * Called by other code when something is sending a packet that could potentially receive an OK response @@ -50,7 +48,8 @@ class Expect { */ ZT_INLINE void sending(const uint64_t packetId, const int64_t now) noexcept { - m_packetIdSent[Utils::hash64(packetId ^ Utils::s_mapNonce) % ZT_EXPECT_BUCKETS] = (uint32_t)(now / ZT_EXPECT_TTL); + m_packetIdSent[Utils::hash64(packetId ^ Utils::s_mapNonce) % ZT_EXPECT_BUCKETS] = + (uint32_t)(now / ZT_EXPECT_TTL); } /** @@ -66,7 +65,12 @@ class Expect { */ ZT_INLINE bool expecting(const uint64_t inRePacketId, const int64_t now) noexcept { - return (((now / ZT_EXPECT_TTL) - (int64_t)m_packetIdSent[(unsigned long)Utils::hash64(inRePacketId ^ Utils::s_mapNonce) % ZT_EXPECT_BUCKETS].exchange(0)) <= 1); + return ( + ((now / ZT_EXPECT_TTL) + - (int64_t) + m_packetIdSent[(unsigned long)Utils::hash64(inRePacketId ^ Utils::s_mapNonce) % ZT_EXPECT_BUCKETS] + .exchange(0)) + <= 1); } private: diff --git a/core/FCV.hpp b/core/FCV.hpp index 6326ec4de..04a9d00e9 100644 --- a/core/FCV.hpp +++ b/core/FCV.hpp @@ -35,23 +35,18 @@ namespace ZeroTier { */ template class FCV { public: - typedef T* iterator; - typedef const T* const_iterator; + typedef T *iterator; + typedef const T *const_iterator; - ZT_INLINE FCV() noexcept : _s(0) - { - } + ZT_INLINE FCV() noexcept : _s(0) {} - ZT_INLINE FCV(const FCV& v) : _s(0) - { - *this = v; - } + ZT_INLINE FCV(const FCV &v) : _s(0) { *this = v; } - ZT_INLINE FCV(const T* const contents, const unsigned int len) : _s(len) + ZT_INLINE FCV(const T *const contents, const unsigned int len) : _s(len) { const unsigned int l = std::min(len, C); for (unsigned int i = 0; i < l; ++i) - new (reinterpret_cast(_m) + i) T(contents[i]); + new (reinterpret_cast(_m) + i) T(contents[i]); } template ZT_INLINE FCV(I i, I end) : _s(0) @@ -62,19 +57,16 @@ template class FCV { } } - ZT_INLINE ~FCV() - { - this->clear(); - } + ZT_INLINE ~FCV() { this->clear(); } - ZT_INLINE FCV& operator=(const FCV& v) + ZT_INLINE FCV &operator=(const FCV &v) { if (likely(&v != this)) { this->clear(); const unsigned int s = v._s; - _s = s; + _s = s; for (unsigned int i = 0; i < s; ++i) - new (reinterpret_cast(_m) + i) T(*(reinterpret_cast(v._m) + i)); + new (reinterpret_cast(_m) + i) T(*(reinterpret_cast(v._m) + i)); } return *this; } @@ -85,9 +77,9 @@ template class FCV { ZT_INLINE void clear() { const unsigned int s = _s; - _s = 0; + _s = 0; for (unsigned int i = 0; i < s; ++i) - (reinterpret_cast(_m) + i)->~T(); + (reinterpret_cast(_m) + i)->~T(); } /** @@ -95,70 +87,43 @@ template class FCV { * * @param v Target vector */ - ZT_INLINE void unsafeMoveTo(FCV& v) noexcept + ZT_INLINE void unsafeMoveTo(FCV &v) noexcept { Utils::copy(v._m, _m, (v._s = _s) * sizeof(T)); _s = 0; } - ZT_INLINE iterator begin() noexcept - { - return reinterpret_cast(_m); - } + ZT_INLINE iterator begin() noexcept { return reinterpret_cast(_m); } - ZT_INLINE iterator end() noexcept - { - return reinterpret_cast(_m) + _s; - } + ZT_INLINE iterator end() noexcept { return reinterpret_cast(_m) + _s; } - ZT_INLINE const_iterator begin() const noexcept - { - return reinterpret_cast(_m); - } + ZT_INLINE const_iterator begin() const noexcept { return reinterpret_cast(_m); } - ZT_INLINE const_iterator end() const noexcept - { - return reinterpret_cast(_m) + _s; - } + ZT_INLINE const_iterator end() const noexcept { return reinterpret_cast(_m) + _s; } - ZT_INLINE T& operator[](const unsigned int i) + ZT_INLINE T &operator[](const unsigned int i) { if (likely(i < _s)) - return reinterpret_cast(_m)[i]; + return reinterpret_cast(_m)[i]; throw Utils::OutOfRangeException; } - ZT_INLINE const T& operator[](const unsigned int i) const + ZT_INLINE const T &operator[](const unsigned int i) const { if (likely(i < _s)) - return reinterpret_cast(_m)[i]; + return reinterpret_cast(_m)[i]; throw Utils::OutOfRangeException; } - static constexpr unsigned int capacity() noexcept - { - return C; - } + static constexpr unsigned int capacity() noexcept { return C; } - ZT_INLINE unsigned int size() const noexcept - { - return _s; - } + ZT_INLINE unsigned int size() const noexcept { return _s; } - ZT_INLINE bool empty() const noexcept - { - return (_s == 0); - } + ZT_INLINE bool empty() const noexcept { return (_s == 0); } - ZT_INLINE T* data() noexcept - { - return reinterpret_cast(_m); - } + ZT_INLINE T *data() noexcept { return reinterpret_cast(_m); } - ZT_INLINE const T* data() const noexcept - { - return reinterpret_cast(_m); - } + ZT_INLINE const T *data() const noexcept { return reinterpret_cast(_m); } /** * Push a value onto the back of this vector @@ -167,10 +132,10 @@ template class FCV { * * @param v Value to push */ - ZT_INLINE void push_back(const T& v) + ZT_INLINE void push_back(const T &v) { if (likely(_s < C)) - new (reinterpret_cast(_m) + _s++) T(v); + new (reinterpret_cast(_m) + _s++) T(v); else throw Utils::OutOfRangeException; } @@ -180,13 +145,13 @@ template class FCV { * * @return Reference to new item */ - ZT_INLINE T& push() + ZT_INLINE T &push() { if (likely(_s < C)) { - return *(new (reinterpret_cast(_m) + _s++) T()); + return *(new (reinterpret_cast(_m) + _s++) T()); } else { - return *(reinterpret_cast(_m) + (C - 1)); + return *(reinterpret_cast(_m) + (C - 1)); } } @@ -195,14 +160,14 @@ template class FCV { * * @return Reference to new item */ - ZT_INLINE T& push(const T& v) + ZT_INLINE T &push(const T &v) { if (likely(_s < C)) { - return *(new (reinterpret_cast(_m) + _s++) T(v)); + return *(new (reinterpret_cast(_m) + _s++) T(v)); } else { - T& tmp = *(reinterpret_cast(_m) + (C - 1)); - tmp = v; + T &tmp = *(reinterpret_cast(_m) + (C - 1)); + tmp = v; return tmp; } } @@ -213,7 +178,7 @@ template class FCV { ZT_INLINE void pop_back() { if (likely(_s != 0)) - (reinterpret_cast(_m) + --_s)->~T(); + (reinterpret_cast(_m) + --_s)->~T(); } /** @@ -227,9 +192,9 @@ template class FCV { throw Utils::OutOfRangeException; unsigned int s = _s; while (s < ns) - new (reinterpret_cast(_m) + s++) T(); + new (reinterpret_cast(_m) + s++) T(); while (s > ns) - (reinterpret_cast(_m) + --s)->~T(); + (reinterpret_cast(_m) + --s)->~T(); _s = s; } @@ -238,10 +203,7 @@ template class FCV { * * @param ns New size */ - ZT_INLINE void unsafeSetSize(unsigned int ns) - { - _s = ns; - } + ZT_INLINE void unsafeSetSize(unsigned int ns) { _s = ns; } /** * This is a bounds checked auto-resizing variant of the [] operator @@ -252,16 +214,16 @@ template class FCV { * @param i Index to obtain as a reference, resizing if needed * @return Reference to value at this index */ - ZT_INLINE T& at(unsigned int i) + ZT_INLINE T &at(unsigned int i) { if (i >= _s) { if (unlikely(i >= C)) i = C - 1; do { - new (reinterpret_cast(_m) + _s++) T(); + new (reinterpret_cast(_m) + _s++) T(); } while (i >= _s); } - return *(reinterpret_cast(_m) + i); + return *(reinterpret_cast(_m) + i); } /** @@ -273,24 +235,24 @@ template class FCV { * @param start Starting iterator * @param end Ending iterator (must be greater than start) */ - template ZT_INLINE void assign(X start, const X& end) + template ZT_INLINE void assign(X start, const X &end) { const int l = std::min((int)std::distance(start, end), (int)C); if (l > 0) { this->resize((unsigned int)l); for (int i = 0; i < l; ++i) - reinterpret_cast(_m)[i] = *(start++); + reinterpret_cast(_m)[i] = *(start++); } else { this->clear(); } } - ZT_INLINE bool operator==(const FCV& v) const noexcept + ZT_INLINE bool operator==(const FCV &v) const noexcept { if (_s == v._s) { for (unsigned int i = 0; i < _s; ++i) { - if (! (*(reinterpret_cast(_m) + i) == *(reinterpret_cast(v._m) + i))) + if (!(*(reinterpret_cast(_m) + i) == *(reinterpret_cast(v._m) + i))) return false; } return true; @@ -298,30 +260,18 @@ template class FCV { return false; } - ZT_INLINE bool operator!=(const FCV& v) const noexcept - { - return *this != v; - } + ZT_INLINE bool operator!=(const FCV &v) const noexcept { return *this != v; } - ZT_INLINE bool operator<(const FCV& v) const noexcept + ZT_INLINE bool operator<(const FCV &v) const noexcept { return std::lexicographical_compare(begin(), end(), v.begin(), v.end()); } - ZT_INLINE bool operator>(const FCV& v) const noexcept - { - return (v < *this); - } + ZT_INLINE bool operator>(const FCV &v) const noexcept { return (v < *this); } - ZT_INLINE bool operator<=(const FCV& v) const noexcept - { - return v >= *this; - } + ZT_INLINE bool operator<=(const FCV &v) const noexcept { return v >= *this; } - ZT_INLINE bool operator>=(const FCV& v) const noexcept - { - return *this >= v; - } + ZT_INLINE bool operator>=(const FCV &v) const noexcept { return *this >= v; } private: #ifdef _MSC_VER diff --git a/core/Fingerprint.hpp b/core/Fingerprint.hpp index 86f61d6f1..ed428ae24 100644 --- a/core/Fingerprint.hpp +++ b/core/Fingerprint.hpp @@ -34,35 +34,28 @@ class Fingerprint : public ZT_Fingerprint , public TriviallyCopyable { public: - ZT_INLINE Fingerprint() noexcept - { - memoryZero(this); - } + ZT_INLINE Fingerprint() noexcept { memoryZero(this); } - ZT_INLINE Fingerprint(const ZT_Fingerprint& fp) noexcept - { - Utils::copy(this, &fp); - } + ZT_INLINE Fingerprint(const ZT_Fingerprint &fp) noexcept { Utils::copy(this, &fp); } /** * @return True if hash is not all zero (missing/unspecified) */ - ZT_INLINE bool haveHash() const noexcept - { - return (! Utils::allZero(this->hash, ZT_FINGERPRINT_HASH_SIZE)); - } + ZT_INLINE bool haveHash() const noexcept { return (!Utils::allZero(this->hash, ZT_FINGERPRINT_HASH_SIZE)); } /** * Get a base32-encoded representation of this fingerprint * * @param s Base32 string */ - ZT_INLINE char* toString(char s[ZT_FINGERPRINT_STRING_SIZE_MAX]) const noexcept + ZT_INLINE char *toString(char s[ZT_FINGERPRINT_STRING_SIZE_MAX]) const noexcept { Address(this->address).toString(s); if (haveHash()) { s[ZT_ADDRESS_LENGTH_HEX] = '-'; - Utils::b32e(this->hash, ZT_FINGERPRINT_HASH_SIZE, s + (ZT_ADDRESS_LENGTH_HEX + 1), ZT_FINGERPRINT_STRING_SIZE_MAX - (ZT_ADDRESS_LENGTH_HEX + 1)); + Utils::b32e( + this->hash, ZT_FINGERPRINT_HASH_SIZE, s + (ZT_ADDRESS_LENGTH_HEX + 1), + ZT_FINGERPRINT_STRING_SIZE_MAX - (ZT_ADDRESS_LENGTH_HEX + 1)); } return s; } @@ -79,9 +72,9 @@ class Fingerprint * @param s String to decode * @return True if string appears to be valid and of the proper length (no other checking is done) */ - ZT_INLINE bool fromString(const char* const s) noexcept + ZT_INLINE bool fromString(const char *const s) noexcept { - if (! s) + if (!s) return false; const int l = (int)strlen(s); if (l < ZT_ADDRESS_LENGTH_HEX) @@ -89,9 +82,10 @@ class Fingerprint char a[ZT_ADDRESS_LENGTH_HEX + 1]; Utils::copy(a, s); a[ZT_ADDRESS_LENGTH_HEX] = 0; - this->address = Utils::hexStrToU64(a) & ZT_ADDRESS_MASK; + this->address = Utils::hexStrToU64(a) & ZT_ADDRESS_MASK; if (l > (ZT_ADDRESS_LENGTH_HEX + 1)) { - if (Utils::b32d(s + (ZT_ADDRESS_LENGTH_HEX + 1), this->hash, ZT_FINGERPRINT_HASH_SIZE) != ZT_FINGERPRINT_HASH_SIZE) + if (Utils::b32d(s + (ZT_ADDRESS_LENGTH_HEX + 1), this->hash, ZT_FINGERPRINT_HASH_SIZE) + != ZT_FINGERPRINT_HASH_SIZE) return false; } else { @@ -100,25 +94,13 @@ class Fingerprint return true; } - ZT_INLINE void zero() noexcept - { - memoryZero(this); - } + ZT_INLINE void zero() noexcept { memoryZero(this); } - ZT_INLINE unsigned long hashCode() const noexcept - { - return (unsigned long)this->address; - } + ZT_INLINE unsigned long hashCode() const noexcept { return (unsigned long)this->address; } - ZT_INLINE operator bool() const noexcept - { - return this->address != 0; - } + ZT_INLINE operator bool() const noexcept { return this->address != 0; } - static constexpr int marshalSizeMax() noexcept - { - return ZT_FINGERPRINT_MARSHAL_SIZE; - } + static constexpr int marshalSizeMax() noexcept { return ZT_FINGERPRINT_MARSHAL_SIZE; } ZT_INLINE int marshal(uint8_t data[ZT_FINGERPRINT_MARSHAL_SIZE]) const noexcept { @@ -127,7 +109,7 @@ class Fingerprint return ZT_FINGERPRINT_MARSHAL_SIZE; } - ZT_INLINE int unmarshal(const uint8_t* const data, int len) noexcept + ZT_INLINE int unmarshal(const uint8_t *const data, int len) noexcept { if (unlikely(len < ZT_FINGERPRINT_MARSHAL_SIZE)) return -1; @@ -136,35 +118,31 @@ class Fingerprint return ZT_FINGERPRINT_MARSHAL_SIZE; } - ZT_INLINE bool operator==(const ZT_Fingerprint& h) const noexcept + ZT_INLINE bool operator==(const ZT_Fingerprint &h) const noexcept { return ((this->address == h.address) && (memcmp(this->hash, h.hash, ZT_FINGERPRINT_HASH_SIZE) == 0)); } - ZT_INLINE bool operator!=(const ZT_Fingerprint& h) const noexcept + ZT_INLINE bool operator!=(const ZT_Fingerprint &h) const noexcept { return !(*this == h); } + + ZT_INLINE bool operator<(const ZT_Fingerprint &h) const noexcept { - return ! (*this == h); + return ( + (this->address < h.address) + || ((this->address == h.address) && (memcmp(this->hash, h.hash, ZT_FINGERPRINT_HASH_SIZE) < 0))); } - ZT_INLINE bool operator<(const ZT_Fingerprint& h) const noexcept + ZT_INLINE bool operator>(const ZT_Fingerprint &h) const noexcept { - return ((this->address < h.address) || ((this->address == h.address) && (memcmp(this->hash, h.hash, ZT_FINGERPRINT_HASH_SIZE) < 0))); + return (*reinterpret_cast(&h) < *this); } - ZT_INLINE bool operator>(const ZT_Fingerprint& h) const noexcept + ZT_INLINE bool operator<=(const ZT_Fingerprint &h) const noexcept { - return (*reinterpret_cast(&h) < *this); + return !(*reinterpret_cast(&h) < *this); } - ZT_INLINE bool operator<=(const ZT_Fingerprint& h) const noexcept - { - return ! (*reinterpret_cast(&h) < *this); - } - - ZT_INLINE bool operator>=(const ZT_Fingerprint& h) const noexcept - { - return ! (*this < h); - } + ZT_INLINE bool operator>=(const ZT_Fingerprint &h) const noexcept { return !(*this < h); } }; static_assert(sizeof(Fingerprint) == sizeof(ZT_Fingerprint), "size mismatch"); diff --git a/core/Identity.cpp b/core/Identity.cpp index 2d47c6793..d0992e123 100644 --- a/core/Identity.cpp +++ b/core/Identity.cpp @@ -30,7 +30,9 @@ namespace { // This is the memory-intensive hash function used to compute v0 identities from v0 public keys. #define ZT_V0_IDENTITY_GEN_MEMORY 2097152 -void identityV0ProofOfWorkFrankenhash(const void* const restrict c25519CombinedPublicKey, void* const restrict digest, void* const restrict genmem) noexcept +void identityV0ProofOfWorkFrankenhash( + const void *const restrict c25519CombinedPublicKey, void *const restrict digest, + void *const restrict genmem) noexcept { // Digest publicKey[] to obtain initial digest SHA512(digest, c25519CombinedPublicKey, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE); @@ -39,35 +41,35 @@ void identityV0ProofOfWorkFrankenhash(const void* const restrict c25519CombinedP // ordinary Salsa20 is randomly seek-able. This is good for a cipher // but is not what we want for sequential memory-hardness. Utils::zero(genmem); - Salsa20 s20(digest, (char*)digest + 32); - s20.crypt20((char*)genmem, (char*)genmem, 64); + Salsa20 s20(digest, (char *)digest + 32); + s20.crypt20((char *)genmem, (char *)genmem, 64); for (unsigned long i = 64; i < ZT_V0_IDENTITY_GEN_MEMORY; i += 64) { - unsigned long k = i - 64; - *((uint64_t*)((char*)genmem + i)) = *((uint64_t*)((char*)genmem + k)); - *((uint64_t*)((char*)genmem + i + 8)) = *((uint64_t*)((char*)genmem + k + 8)); - *((uint64_t*)((char*)genmem + i + 16)) = *((uint64_t*)((char*)genmem + k + 16)); - *((uint64_t*)((char*)genmem + i + 24)) = *((uint64_t*)((char*)genmem + k + 24)); - *((uint64_t*)((char*)genmem + i + 32)) = *((uint64_t*)((char*)genmem + k + 32)); - *((uint64_t*)((char*)genmem + i + 40)) = *((uint64_t*)((char*)genmem + k + 40)); - *((uint64_t*)((char*)genmem + i + 48)) = *((uint64_t*)((char*)genmem + k + 48)); - *((uint64_t*)((char*)genmem + i + 56)) = *((uint64_t*)((char*)genmem + k + 56)); - s20.crypt20((char*)genmem + i, (char*)genmem + i, 64); + unsigned long k = i - 64; + *((uint64_t *)((char *)genmem + i)) = *((uint64_t *)((char *)genmem + k)); + *((uint64_t *)((char *)genmem + i + 8)) = *((uint64_t *)((char *)genmem + k + 8)); + *((uint64_t *)((char *)genmem + i + 16)) = *((uint64_t *)((char *)genmem + k + 16)); + *((uint64_t *)((char *)genmem + i + 24)) = *((uint64_t *)((char *)genmem + k + 24)); + *((uint64_t *)((char *)genmem + i + 32)) = *((uint64_t *)((char *)genmem + k + 32)); + *((uint64_t *)((char *)genmem + i + 40)) = *((uint64_t *)((char *)genmem + k + 40)); + *((uint64_t *)((char *)genmem + i + 48)) = *((uint64_t *)((char *)genmem + k + 48)); + *((uint64_t *)((char *)genmem + i + 56)) = *((uint64_t *)((char *)genmem + k + 56)); + s20.crypt20((char *)genmem + i, (char *)genmem + i, 64); } // Render final digest using genmem as a lookup table for (unsigned long i = 0; i < (ZT_V0_IDENTITY_GEN_MEMORY / sizeof(uint64_t));) { - unsigned long idx1 = (unsigned long)(Utils::ntoh(((uint64_t*)genmem)[i++]) % (64 / sizeof(uint64_t))); - unsigned long idx2 = (unsigned long)(Utils::ntoh(((uint64_t*)genmem)[i++]) % (ZT_V0_IDENTITY_GEN_MEMORY / sizeof(uint64_t))); - uint64_t tmp = ((uint64_t*)genmem)[idx2]; - ((uint64_t*)genmem)[idx2] = ((uint64_t*)digest)[idx1]; - ((uint64_t*)digest)[idx1] = tmp; + unsigned long idx1 = (unsigned long)(Utils::ntoh(((uint64_t *)genmem)[i++]) % (64 / sizeof(uint64_t))); + unsigned long idx2 = + (unsigned long)(Utils::ntoh(((uint64_t *)genmem)[i++]) % (ZT_V0_IDENTITY_GEN_MEMORY / sizeof(uint64_t))); + uint64_t tmp = ((uint64_t *)genmem)[idx2]; + ((uint64_t *)genmem)[idx2] = ((uint64_t *)digest)[idx1]; + ((uint64_t *)digest)[idx1] = tmp; s20.crypt20(digest, digest, 64); } } -struct identityV0ProofOfWorkCriteria -{ - ZT_INLINE identityV0ProofOfWorkCriteria(unsigned char* restrict sb, char* restrict gm) noexcept +struct identityV0ProofOfWorkCriteria { + ZT_INLINE identityV0ProofOfWorkCriteria(unsigned char *restrict sb, char *restrict gm) noexcept : digest(sb) , genmem(gm) { @@ -79,8 +81,8 @@ struct identityV0ProofOfWorkCriteria return (digest[0] < 17); } - unsigned char* restrict digest; - char* restrict genmem; + unsigned char *restrict digest; + char *restrict genmem; }; void v1ChallengeFromPub(const uint8_t pub[ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE], uint64_t challenge[4]) @@ -108,7 +110,7 @@ const Identity Identity::NIL; bool Identity::generate(const Type t) { - m_type = t; + m_type = t; m_hasPrivate = true; switch (t) { @@ -116,7 +118,7 @@ bool Identity::generate(const Type t) // Generate C25519/Ed25519 key pair whose hash satisfies a "hashcash" criterion and generate the // address from the last 40 bits of this hash. This is different from the fingerprint hash for V0. uint8_t digest[64]; - char* const genmem = new char[ZT_V0_IDENTITY_GEN_MEMORY]; + char *const genmem = new char[ZT_V0_IDENTITY_GEN_MEMORY]; Address address; do { C25519::generateSatisfying(identityV0ProofOfWorkCriteria(digest, genmem), m_pub, m_priv); @@ -130,11 +132,13 @@ bool Identity::generate(const Type t) case P384: for (;;) { C25519::generateCombined(m_pub + 7, m_priv); - ECC384GenerateKey(m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE); + ECC384GenerateKey( + m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE); uint64_t challenge[4]; v1ChallengeFromPub(m_pub, challenge); - const uint64_t proof = MIMC52::delay(reinterpret_cast(challenge), ZT_IDENTITY_TYPE1_MIMC52_ROUNDS); + const uint64_t proof = + MIMC52::delay(reinterpret_cast(challenge), ZT_IDENTITY_TYPE1_MIMC52_ROUNDS); m_pub[0] = (uint8_t)(proof >> 48U); m_pub[1] = (uint8_t)(proof >> 40U); m_pub[2] = (uint8_t)(proof >> 32U); @@ -145,15 +149,14 @@ bool Identity::generate(const Type t) m_computeHash(); const Address addr(m_fp.hash); - if (! addr.isReserved()) { + if (!addr.isReserved()) { m_fp.address = addr; break; } } break; - default: - return false; + default: return false; } return true; @@ -162,12 +165,12 @@ bool Identity::generate(const Type t) bool Identity::locallyValidate() const noexcept { try { - if ((m_fp) && ((! Address(m_fp.address).isReserved()))) { + if ((m_fp) && ((!Address(m_fp.address).isReserved()))) { switch (m_type) { case C25519: { uint8_t digest[64]; - char* const genmem = (char*)malloc(ZT_V0_IDENTITY_GEN_MEMORY); - if (! genmem) + char *const genmem = (char *)malloc(ZT_V0_IDENTITY_GEN_MEMORY); + if (!genmem) return false; identityV0ProofOfWorkFrankenhash(m_pub, digest, genmem); free(genmem); @@ -179,9 +182,10 @@ bool Identity::locallyValidate() const noexcept uint64_t challenge[4]; v1ChallengeFromPub(m_pub, challenge); return MIMC52::verify( - reinterpret_cast(challenge), - ZT_IDENTITY_TYPE1_MIMC52_ROUNDS, - ((uint64_t)m_pub[0] << 48U) | ((uint64_t)m_pub[1] << 40U) | ((uint64_t)m_pub[2] << 32U) | ((uint64_t)m_pub[3] << 24U) | ((uint64_t)m_pub[4] << 16U) | ((uint64_t)m_pub[5] << 8U) | (uint64_t)m_pub[6]); + reinterpret_cast(challenge), ZT_IDENTITY_TYPE1_MIMC52_ROUNDS, + ((uint64_t)m_pub[0] << 48U) | ((uint64_t)m_pub[1] << 40U) | ((uint64_t)m_pub[2] << 32U) + | ((uint64_t)m_pub[3] << 24U) | ((uint64_t)m_pub[4] << 16U) | ((uint64_t)m_pub[5] << 8U) + | (uint64_t)m_pub[6]); } return false; } @@ -200,15 +204,13 @@ void Identity::hashWithPrivate(uint8_t h[ZT_FINGERPRINT_HASH_SIZE]) const SHA384(h, m_pub, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, m_priv, ZT_C25519_COMBINED_PRIVATE_KEY_SIZE); return; - case P384: - SHA384(h, m_pub, sizeof(m_pub), m_priv, sizeof(m_priv)); - return; + case P384: SHA384(h, m_pub, sizeof(m_pub), m_priv, sizeof(m_priv)); return; } } Utils::zero(h); } -unsigned int Identity::sign(const void* data, unsigned int len, void* sig, unsigned int siglen) const +unsigned int Identity::sign(const void *data, unsigned int len, void *sig, unsigned int siglen) const { if (m_hasPrivate) { switch (m_type) { @@ -224,7 +226,7 @@ unsigned int Identity::sign(const void* data, unsigned int len, void* sig, unsig static_assert(ZT_ECC384_SIGNATURE_HASH_SIZE == ZT_SHA384_DIGEST_SIZE, "weird!"); uint8_t h[ZT_ECC384_SIGNATURE_HASH_SIZE]; SHA384(h, data, len, m_pub, ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE); - ECC384ECDSASign(m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE, h, (uint8_t*)sig); + ECC384ECDSASign(m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE, h, (uint8_t *)sig); return ZT_ECC384_SIGNATURE_SIZE; } break; @@ -233,24 +235,23 @@ unsigned int Identity::sign(const void* data, unsigned int len, void* sig, unsig return 0; } -bool Identity::verify(const void* data, unsigned int len, const void* sig, unsigned int siglen) const +bool Identity::verify(const void *data, unsigned int len, const void *sig, unsigned int siglen) const { switch (m_type) { - case C25519: - return C25519::verify(m_pub, data, len, sig, siglen); + case C25519: return C25519::verify(m_pub, data, len, sig, siglen); case P384: if (siglen == ZT_ECC384_SIGNATURE_SIZE) { uint8_t h[ZT_ECC384_SIGNATURE_HASH_SIZE]; SHA384(h, data, len, m_pub, ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE); - return ECC384ECDSAVerify(m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, h, (const uint8_t*)sig); + return ECC384ECDSAVerify(m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, h, (const uint8_t *)sig); } break; } return false; } -bool Identity::agree(const Identity& id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) const +bool Identity::agree(const Identity &id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) const { uint8_t rawkey[128], h[64]; if (m_hasPrivate) { @@ -269,7 +270,9 @@ bool Identity::agree(const Identity& id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) con // or something. For those who don't trust P384 this means the privacy of // your traffic is also protected by C25519. C25519::agree(m_priv, id.m_pub, rawkey); - ECC384ECDH(id.m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE, rawkey + ZT_C25519_ECDH_SHARED_SECRET_SIZE); + ECC384ECDH( + id.m_pub + 7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, m_priv + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE, + rawkey + ZT_C25519_ECDH_SHARED_SECRET_SIZE); SHA384(key, rawkey, ZT_C25519_ECDH_SHARED_SECRET_SIZE + ZT_ECC384_SHARED_SECRET_SIZE); return true; } @@ -277,9 +280,9 @@ bool Identity::agree(const Identity& id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) con return false; } -char* Identity::toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER_LENGTH]) const +char *Identity::toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER_LENGTH]) const { - char* p = buf; + char *p = buf; Address(m_fp.address).toString(p); p += 10; *(p++) = ':'; @@ -301,13 +304,15 @@ char* Identity::toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER case P384: { *(p++) = '1'; *(p++) = ':'; - int el = Utils::b32e(m_pub, sizeof(m_pub), p, (int)(ZT_IDENTITY_STRING_BUFFER_LENGTH - (uintptr_t)(p - buf))); + int el = + Utils::b32e(m_pub, sizeof(m_pub), p, (int)(ZT_IDENTITY_STRING_BUFFER_LENGTH - (uintptr_t)(p - buf))); if (el <= 0) return nullptr; p += el; if ((m_hasPrivate) && (includePrivate)) { *(p++) = ':'; - el = Utils::b32e(m_priv, sizeof(m_priv), p, (int)(ZT_IDENTITY_STRING_BUFFER_LENGTH - (uintptr_t)(p - buf))); + el = Utils::b32e( + m_priv, sizeof(m_priv), p, (int)(ZT_IDENTITY_STRING_BUFFER_LENGTH - (uintptr_t)(p - buf))); if (el <= 0) return nullptr; p += el; @@ -315,23 +320,22 @@ char* Identity::toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER *p = (char)0; return buf; } - default: - buf[0] = 0; + default: buf[0] = 0; } return nullptr; } -bool Identity::fromString(const char* str) +bool Identity::fromString(const char *str) { char tmp[ZT_IDENTITY_STRING_BUFFER_LENGTH]; memoryZero(this); - if ((! str) || (! Utils::scopy(tmp, sizeof(tmp), str))) + if ((!str) || (!Utils::scopy(tmp, sizeof(tmp), str))) return false; - int fno = 0; - char* saveptr = nullptr; - for (char* f = Utils::stok(tmp, ":", &saveptr); ((f) && (fno < 4)); f = Utils::stok(nullptr, ":", &saveptr)) { + int fno = 0; + char *saveptr = nullptr; + for (char *f = Utils::stok(tmp, ":", &saveptr); ((f) && (fno < 4)); f = Utils::stok(nullptr, ":", &saveptr)) { switch (fno++) { case 0: m_fp.address = Utils::hexStrToU64(f) & ZT_ADDRESS_MASK; @@ -340,10 +344,10 @@ bool Identity::fromString(const char* str) break; case 1: - if ((f[0] == '0') && (! f[1])) { + if ((f[0] == '0') && (!f[1])) { m_type = C25519; } - else if ((f[0] == '1') && (! f[1])) { + else if ((f[0] == '1') && (!f[1])) { m_type = P384; } else { @@ -354,7 +358,8 @@ bool Identity::fromString(const char* str) case 2: switch (m_type) { case C25519: - if (Utils::unhex(f, strlen(f), m_pub, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE) != ZT_C25519_COMBINED_PUBLIC_KEY_SIZE) + if (Utils::unhex(f, strlen(f), m_pub, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE) + != ZT_C25519_COMBINED_PUBLIC_KEY_SIZE) return false; break; @@ -369,7 +374,8 @@ bool Identity::fromString(const char* str) if (strlen(f) > 1) { switch (m_type) { case C25519: - if (Utils::unhex(f, strlen(f), m_priv, ZT_C25519_COMBINED_PRIVATE_KEY_SIZE) != ZT_C25519_COMBINED_PRIVATE_KEY_SIZE) { + if (Utils::unhex(f, strlen(f), m_priv, ZT_C25519_COMBINED_PRIVATE_KEY_SIZE) + != ZT_C25519_COMBINED_PRIVATE_KEY_SIZE) { return false; } else { @@ -395,7 +401,7 @@ bool Identity::fromString(const char* str) return false; m_computeHash(); - return ! ((m_type == P384) && (Address(m_fp.hash) != m_fp.address)); + return !((m_type == P384) && (Address(m_fp.hash) != m_fp.address)); } int Identity::marshal(uint8_t data[ZT_IDENTITY_MARSHAL_SIZE_MAX], const bool includePrivate) const noexcept @@ -407,8 +413,10 @@ int Identity::marshal(uint8_t data[ZT_IDENTITY_MARSHAL_SIZE_MAX], const bool inc Utils::copy(data + ZT_ADDRESS_LENGTH + 1, m_pub); if ((includePrivate) && (m_hasPrivate)) { data[ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE] = ZT_C25519_COMBINED_PRIVATE_KEY_SIZE; - Utils::copy(data + ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1, m_priv); - return ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1 + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE; + Utils::copy( + data + ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1, m_priv); + return ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1 + + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE; } data[ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE] = 0; return ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1; @@ -417,9 +425,12 @@ int Identity::marshal(uint8_t data[ZT_IDENTITY_MARSHAL_SIZE_MAX], const bool inc data[ZT_ADDRESS_LENGTH] = (uint8_t)P384; Utils::copy(data + ZT_ADDRESS_LENGTH + 1, m_pub); if ((includePrivate) && (m_hasPrivate)) { - data[ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE] = ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE; - Utils::copy(data + ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1, m_priv); - return ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1 + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE; + data[ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE] = + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE; + Utils::copy( + data + ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1, m_priv); + return ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1 + + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE; } data[ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE] = 0; return ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1; @@ -427,7 +438,7 @@ int Identity::marshal(uint8_t data[ZT_IDENTITY_MARSHAL_SIZE_MAX], const bool inc return -1; } -int Identity::unmarshal(const uint8_t* data, const int len) noexcept +int Identity::unmarshal(const uint8_t *data, const int len) noexcept { memoryZero(this); @@ -446,11 +457,15 @@ int Identity::unmarshal(const uint8_t* data, const int len) noexcept privlen = data[ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE]; if (privlen == ZT_C25519_COMBINED_PRIVATE_KEY_SIZE) { - if (len < (ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1 + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE)) + if (len + < (ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1 + + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE)) return -1; m_hasPrivate = true; - Utils::copy(m_priv, data + ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1); - return ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1 + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE; + Utils::copy( + m_priv, data + ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1); + return ZT_ADDRESS_LENGTH + 1 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + 1 + + ZT_C25519_COMBINED_PRIVATE_KEY_SIZE; } else if (privlen == 0) { m_hasPrivate = false; @@ -473,11 +488,15 @@ int Identity::unmarshal(const uint8_t* data, const int len) noexcept return ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1; } else if (privlen == ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE) { - if (len < (ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1 + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE)) + if (len + < (ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1 + + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE)) return -1; m_hasPrivate = true; - Utils::copy(&m_priv, data + ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1); - return ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1 + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE; + Utils::copy( + &m_priv, data + ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1); + return ZT_ADDRESS_LENGTH + 1 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + 1 + + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE; } break; } @@ -488,17 +507,11 @@ int Identity::unmarshal(const uint8_t* data, const int len) noexcept void Identity::m_computeHash() { switch (m_type) { - default: - m_fp.zero(); - break; + default: m_fp.zero(); break; - case C25519: - SHA384(m_fp.hash, m_pub, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE); - break; + case C25519: SHA384(m_fp.hash, m_pub, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE); break; - case P384: - SHA384(m_fp.hash, m_pub, ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE); - break; + case P384: SHA384(m_fp.hash, m_pub, ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE); break; } } diff --git a/core/Identity.hpp b/core/Identity.hpp index 022c24dd7..b8a62300e 100644 --- a/core/Identity.hpp +++ b/core/Identity.hpp @@ -27,8 +27,9 @@ #define ZT_IDENTITY_STRING_BUFFER_LENGTH 1024 #define ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE (7 + ZT_C25519_COMBINED_PUBLIC_KEY_SIZE + ZT_ECC384_PUBLIC_KEY_SIZE) #define ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE (ZT_C25519_COMBINED_PRIVATE_KEY_SIZE + ZT_ECC384_PRIVATE_KEY_SIZE) -#define ZT_IDENTITY_MARSHAL_SIZE_MAX (ZT_ADDRESS_LENGTH + 4 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE) -#define ZT_IDENTITY_TYPE1_MIMC52_ROUNDS 262144 +#define ZT_IDENTITY_MARSHAL_SIZE_MAX \ + (ZT_ADDRESS_LENGTH + 4 + ZT_IDENTITY_P384_COMPOUND_PUBLIC_KEY_SIZE + ZT_IDENTITY_P384_COMPOUND_PRIVATE_KEY_SIZE) +#define ZT_IDENTITY_TYPE1_MIMC52_ROUNDS 262144 namespace ZeroTier { @@ -51,7 +52,7 @@ class Identity : public TriviallyCopyable { */ enum Type { C25519 = ZT_IDENTITY_TYPE_C25519, // Type 0 -- Curve25519 and Ed25519 (1.x and 2.x, default) - P384 = ZT_IDENTITY_TYPE_P384 // Type 1 -- NIST P-384 with linked Curve25519/Ed25519 secondaries (2.x+) + P384 = ZT_IDENTITY_TYPE_P384 // Type 1 -- NIST P-384 with linked Curve25519/Ed25519 secondaries (2.x+) }; /** @@ -59,15 +60,9 @@ class Identity : public TriviallyCopyable { */ static const Identity NIL; - ZT_INLINE Identity() noexcept - { - memoryZero(this); - } + ZT_INLINE Identity() noexcept { memoryZero(this); } - ZT_INLINE Identity(const Identity& id) noexcept - { - Utils::copy(this, &id); - } + ZT_INLINE Identity(const Identity &id) noexcept { Utils::copy(this, &id); } /** * Construct identity from string @@ -77,17 +72,11 @@ class Identity : public TriviallyCopyable { * * @param str Identity in canonical string format */ - explicit ZT_INLINE Identity(const char* str) - { - fromString(str); - } + explicit ZT_INLINE Identity(const char *str) { fromString(str); } - ZT_INLINE ~Identity() - { - Utils::burn(reinterpret_cast(&this->m_priv), sizeof(this->m_priv)); - } + ZT_INLINE ~Identity() { Utils::burn(reinterpret_cast(&this->m_priv), sizeof(this->m_priv)); } - ZT_INLINE Identity& operator=(const Identity& id) noexcept + ZT_INLINE Identity &operator=(const Identity &id) noexcept { if (likely(this != &id)) Utils::copy(this, &id); @@ -97,18 +86,12 @@ class Identity : public TriviallyCopyable { /** * Set identity to NIL value (all zero) */ - ZT_INLINE void zero() noexcept - { - memoryZero(this); - } + ZT_INLINE void zero() noexcept { memoryZero(this); } /** * @return Identity type (undefined if identity is null or invalid) */ - ZT_INLINE Type type() const noexcept - { - return m_type; - } + ZT_INLINE Type type() const noexcept { return m_type; } /** * Generate a new identity (address, key pair) @@ -134,26 +117,17 @@ class Identity : public TriviallyCopyable { /** * @return True if this identity contains a private key */ - ZT_INLINE bool hasPrivate() const noexcept - { - return m_hasPrivate; - } + ZT_INLINE bool hasPrivate() const noexcept { return m_hasPrivate; } /** * @return This identity's address */ - ZT_INLINE Address address() const noexcept - { - return Address(m_fp.address); - } + ZT_INLINE Address address() const noexcept { return Address(m_fp.address); } /** * @return Full fingerprint of this identity (address plus SHA384 of keys) */ - ZT_INLINE const Fingerprint& fingerprint() const noexcept - { - return m_fp; - } + ZT_INLINE const Fingerprint &fingerprint() const noexcept { return m_fp; } /** * Compute a hash of this identity's public and private keys. @@ -176,7 +150,7 @@ class Identity : public TriviallyCopyable { * @param siglen Length of buffer * @return Number of bytes actually written to sig or 0 on error */ - unsigned int sign(const void* data, unsigned int len, void* sig, unsigned int siglen) const; + unsigned int sign(const void *data, unsigned int len, void *sig, unsigned int siglen) const; /** * Verify a message signature against this identity @@ -187,7 +161,7 @@ class Identity : public TriviallyCopyable { * @param siglen Length of signature in bytes * @return True if signature validates and data integrity checks */ - bool verify(const void* data, unsigned int len, const void* sig, unsigned int siglen) const; + bool verify(const void *data, unsigned int len, const void *sig, unsigned int siglen) const; /** * Shortcut method to perform key agreement with another identity @@ -198,7 +172,7 @@ class Identity : public TriviallyCopyable { * @param key Result parameter to fill with key bytes * @return Was agreement successful? */ - bool agree(const Identity& id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) const; + bool agree(const Identity &id, uint8_t key[ZT_SYMMETRIC_KEY_SIZE]) const; /** * Serialize to a more human-friendly string @@ -207,7 +181,7 @@ class Identity : public TriviallyCopyable { * @param buf Buffer to store string * @return ASCII string representation of identity (pointer to buf) */ - char* toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER_LENGTH]) const; + char *toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER_LENGTH]) const; ZT_INLINE String toString(const bool includePrivate = false) const { @@ -225,7 +199,7 @@ class Identity : public TriviallyCopyable { * @param str String to deserialize * @return True if deserialization appears successful */ - bool fromString(const char* str); + bool fromString(const char *str); /** * Erase any private key in this identity object @@ -239,53 +213,26 @@ class Identity : public TriviallyCopyable { /** * @return True if this identity contains something */ - explicit ZT_INLINE operator bool() const noexcept - { - return (m_fp); - } + explicit ZT_INLINE operator bool() const noexcept { return (m_fp); } - ZT_INLINE unsigned long hashCode() const noexcept - { - return m_fp.hashCode(); - } + ZT_INLINE unsigned long hashCode() const noexcept { return m_fp.hashCode(); } - ZT_INLINE bool operator==(const Identity& id) const noexcept - { - return (m_fp == id.m_fp); - } + ZT_INLINE bool operator==(const Identity &id) const noexcept { return (m_fp == id.m_fp); } - ZT_INLINE bool operator!=(const Identity& id) const noexcept - { - return ! (*this == id); - } + ZT_INLINE bool operator!=(const Identity &id) const noexcept { return !(*this == id); } - ZT_INLINE bool operator<(const Identity& id) const noexcept - { - return (m_fp < id.m_fp); - } + ZT_INLINE bool operator<(const Identity &id) const noexcept { return (m_fp < id.m_fp); } - ZT_INLINE bool operator>(const Identity& id) const noexcept - { - return (id < *this); - } + ZT_INLINE bool operator>(const Identity &id) const noexcept { return (id < *this); } - ZT_INLINE bool operator<=(const Identity& id) const noexcept - { - return ! (id < *this); - } + ZT_INLINE bool operator<=(const Identity &id) const noexcept { return !(id < *this); } - ZT_INLINE bool operator>=(const Identity& id) const noexcept - { - return ! (*this < id); - } + ZT_INLINE bool operator>=(const Identity &id) const noexcept { return !(*this < id); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_IDENTITY_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_IDENTITY_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_IDENTITY_MARSHAL_SIZE_MAX], bool includePrivate = false) const noexcept; - int unmarshal(const uint8_t* data, int len) noexcept; + int unmarshal(const uint8_t *data, int len) noexcept; private: void m_computeHash(); diff --git a/core/InetAddress.hpp b/core/InetAddress.hpp index 77419eff5..6e69917f0 100644 --- a/core/InetAddress.hpp +++ b/core/InetAddress.hpp @@ -59,73 +59,40 @@ struct InetAddress : public TriviallyCopyable { */ typedef ZT_InetAddress_IpScope IpScope; - ZT_INLINE InetAddress() noexcept - { - memoryZero(this); - } + ZT_INLINE InetAddress() noexcept { memoryZero(this); } - explicit ZT_INLINE InetAddress(const sockaddr_storage& ss) noexcept - { - *this = ss; - } + explicit ZT_INLINE InetAddress(const sockaddr_storage &ss) noexcept { *this = ss; } - explicit ZT_INLINE InetAddress(const sockaddr_storage* const ss) noexcept - { - *this = ss; - } + explicit ZT_INLINE InetAddress(const sockaddr_storage *const ss) noexcept { *this = ss; } - explicit ZT_INLINE InetAddress(const sockaddr& sa) noexcept - { - *this = sa; - } + explicit ZT_INLINE InetAddress(const sockaddr &sa) noexcept { *this = sa; } - explicit ZT_INLINE InetAddress(const sockaddr* const sa) noexcept - { - *this = sa; - } + explicit ZT_INLINE InetAddress(const sockaddr *const sa) noexcept { *this = sa; } - explicit ZT_INLINE InetAddress(const sockaddr_in& sa) noexcept - { - *this = sa; - } + explicit ZT_INLINE InetAddress(const sockaddr_in &sa) noexcept { *this = sa; } - explicit ZT_INLINE InetAddress(const sockaddr_in* const sa) noexcept - { - *this = sa; - } + explicit ZT_INLINE InetAddress(const sockaddr_in *const sa) noexcept { *this = sa; } - explicit ZT_INLINE InetAddress(const sockaddr_in6& sa) noexcept - { - *this = sa; - } + explicit ZT_INLINE InetAddress(const sockaddr_in6 &sa) noexcept { *this = sa; } - explicit ZT_INLINE InetAddress(const sockaddr_in6* const sa) noexcept - { - *this = sa; - } + explicit ZT_INLINE InetAddress(const sockaddr_in6 *const sa) noexcept { *this = sa; } - ZT_INLINE InetAddress(const void* const ipBytes, const unsigned int ipLen, const unsigned int port) noexcept + ZT_INLINE InetAddress(const void *const ipBytes, const unsigned int ipLen, const unsigned int port) noexcept { this->set(ipBytes, ipLen, port); } - ZT_INLINE InetAddress(const uint32_t ipv4, const unsigned int port) noexcept - { - this->set(&ipv4, 4, port); - } + ZT_INLINE InetAddress(const uint32_t ipv4, const unsigned int port) noexcept { this->set(&ipv4, 4, port); } - explicit ZT_INLINE InetAddress(const char* const ipSlashPort) noexcept - { - this->fromString(ipSlashPort); - } + explicit ZT_INLINE InetAddress(const char *const ipSlashPort) noexcept { this->fromString(ipSlashPort); } - ZT_INLINE InetAddress& operator=(const sockaddr_storage& ss) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr_storage &ss) noexcept { as.ss = ss; return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr_storage* ss) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr_storage *ss) noexcept { if (ss) as.ss = *ss; @@ -134,14 +101,14 @@ struct InetAddress : public TriviallyCopyable { return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr_in& sa) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr_in &sa) noexcept { memoryZero(this); as.sa_in = sa; return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr_in* sa) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr_in *sa) noexcept { memoryZero(this); if (sa) @@ -149,14 +116,14 @@ struct InetAddress : public TriviallyCopyable { return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr_in6& sa) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr_in6 &sa) noexcept { memoryZero(this); as.sa_in6 = sa; return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr_in6* sa) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr_in6 *sa) noexcept { memoryZero(this); if (sa) @@ -164,32 +131,29 @@ struct InetAddress : public TriviallyCopyable { return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr& sa) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr &sa) noexcept { memoryZero(this); if (sa.sa_family == AF_INET) - as.sa_in = *reinterpret_cast(&sa); + as.sa_in = *reinterpret_cast(&sa); else if (sa.sa_family == AF_INET6) - as.sa_in6 = *reinterpret_cast(&sa); + as.sa_in6 = *reinterpret_cast(&sa); return *this; } - ZT_INLINE InetAddress& operator=(const sockaddr* sa) noexcept + ZT_INLINE InetAddress &operator=(const sockaddr *sa) noexcept { memoryZero(this); if (sa) { if (sa->sa_family == AF_INET) - as.sa_in = *reinterpret_cast(sa); + as.sa_in = *reinterpret_cast(sa); else if (sa->sa_family == AF_INET6) - as.sa_in6 = *reinterpret_cast(sa); + as.sa_in6 = *reinterpret_cast(sa); } return *this; } - ZT_INLINE void clear() noexcept - { - memoryZero(this); - } + ZT_INLINE void clear() noexcept { memoryZero(this); } /** * @return IP scope classification (e.g. loopback, link-local, private, global) @@ -203,7 +167,7 @@ struct InetAddress : public TriviallyCopyable { * @param ipLen Length of IP address: 4 or 16 * @param port Port number or 0 for none */ - void set(const void* ipBytes, unsigned int ipLen, unsigned int port) noexcept; + void set(const void *ipBytes, unsigned int ipLen, unsigned int port) noexcept; /** * Set the port component @@ -213,12 +177,8 @@ struct InetAddress : public TriviallyCopyable { ZT_INLINE void setPort(unsigned int port) noexcept { switch (as.ss.ss_family) { - case AF_INET: - as.sa_in.sin_port = Utils::hton((uint16_t)port); - break; - case AF_INET6: - as.sa_in6.sin6_port = Utils::hton((uint16_t)port); - break; + case AF_INET: as.sa_in.sin_port = Utils::hton((uint16_t)port); break; + case AF_INET6: as.sa_in6.sin6_port = Utils::hton((uint16_t)port); break; } } @@ -230,7 +190,7 @@ struct InetAddress : public TriviallyCopyable { /** * @return ASCII IP/port format representation */ - char* toString(char buf[ZT_INETADDRESS_STRING_SIZE_MAX]) const noexcept; + char *toString(char buf[ZT_INETADDRESS_STRING_SIZE_MAX]) const noexcept; ZT_INLINE String toString() const { @@ -242,7 +202,7 @@ struct InetAddress : public TriviallyCopyable { /** * @return IP portion only, in ASCII string format */ - char* toIpString(char buf[ZT_INETADDRESS_STRING_SIZE_MAX]) const noexcept; + char *toIpString(char buf[ZT_INETADDRESS_STRING_SIZE_MAX]) const noexcept; ZT_INLINE String toIpString() const { @@ -255,7 +215,7 @@ struct InetAddress : public TriviallyCopyable { * @param ipSlashPort IP/port (port is optional, will be 0 if not included) * @return True if address appeared to be valid */ - bool fromString(const char* ipSlashPort) noexcept; + bool fromString(const char *ipSlashPort) noexcept; /** * @return Port or 0 if no port component defined @@ -263,12 +223,9 @@ struct InetAddress : public TriviallyCopyable { ZT_INLINE unsigned int port() const noexcept { switch (as.ss.ss_family) { - case AF_INET: - return Utils::ntoh((uint16_t)as.sa_in.sin_port); - case AF_INET6: - return Utils::ntoh((uint16_t)as.sa_in6.sin6_port); - default: - return 0; + case AF_INET: return Utils::ntoh((uint16_t)as.sa_in.sin_port); + case AF_INET6: return Utils::ntoh((uint16_t)as.sa_in6.sin6_port); + default: return 0; } } @@ -281,10 +238,7 @@ struct InetAddress : public TriviallyCopyable { * * @return Netmask bits */ - ZT_INLINE unsigned int netmaskBits() const noexcept - { - return port(); - } + ZT_INLINE unsigned int netmaskBits() const noexcept { return port(); } /** * @return True if netmask bits is valid for the address type @@ -293,10 +247,8 @@ struct InetAddress : public TriviallyCopyable { { const unsigned int n = port(); switch (as.ss.ss_family) { - case AF_INET: - return (n <= 32); - case AF_INET6: - return (n <= 128); + case AF_INET: return (n <= 32); + case AF_INET6: return (n <= 128); } return false; } @@ -309,10 +261,7 @@ struct InetAddress : public TriviallyCopyable { * * @return Gateway metric */ - ZT_INLINE unsigned int metric() const noexcept - { - return port(); - } + ZT_INLINE unsigned int metric() const noexcept { return port(); } /** * Construct a full netmask as an InetAddress @@ -344,7 +293,7 @@ struct InetAddress : public TriviallyCopyable { * @param addr Address to check * @return True if this IPv6 prefix matches the prefix of a given IPv6 address */ - bool isEqualPrefix(const InetAddress& addr) const noexcept; + bool isEqualPrefix(const InetAddress &addr) const noexcept; /** * Test whether this IP/netmask contains this address @@ -352,36 +301,27 @@ struct InetAddress : public TriviallyCopyable { * @param addr Address to check * @return True if this IP/netmask (route) contains this address */ - bool containsAddress(const InetAddress& addr) const noexcept; + bool containsAddress(const InetAddress &addr) const noexcept; /** * @return True if this is an IPv4 address */ - ZT_INLINE bool isV4() const noexcept - { - return (as.ss.ss_family == AF_INET); - } + ZT_INLINE bool isV4() const noexcept { return (as.ss.ss_family == AF_INET); } /** * @return True if this is an IPv6 address */ - ZT_INLINE bool isV6() const noexcept - { - return (as.ss.ss_family == AF_INET6); - } + ZT_INLINE bool isV6() const noexcept { return (as.ss.ss_family == AF_INET6); } /** * @return pointer to raw address bytes or NULL if not available */ - ZT_INLINE const void* rawIpData() const noexcept + ZT_INLINE const void *rawIpData() const noexcept { switch (as.ss.ss_family) { - case AF_INET: - return reinterpret_cast(&(as.sa_in.sin_addr.s_addr)); - case AF_INET6: - return reinterpret_cast(as.sa_in6.sin6_addr.s6_addr); - default: - return nullptr; + case AF_INET: return reinterpret_cast(&(as.sa_in.sin_addr.s_addr)); + case AF_INET6: return reinterpret_cast(as.sa_in6.sin6_addr.s6_addr); + default: return nullptr; } } @@ -393,7 +333,7 @@ struct InetAddress : public TriviallyCopyable { InetAddress r; switch (as.ss.ss_family) { case AF_INET: - r.as.sa_in.sin_family = AF_INET; + r.as.sa_in.sin_family = AF_INET; r.as.sa_in.sin_addr.s_addr = as.sa_in.sin_addr.s_addr; break; case AF_INET6: @@ -410,7 +350,7 @@ struct InetAddress : public TriviallyCopyable { * @param a InetAddress to compare again * @return True if only IP portions are equal (false for non-IP or null addresses) */ - ZT_INLINE bool ipsEqual(const InetAddress& a) const noexcept + ZT_INLINE bool ipsEqual(const InetAddress &a) const noexcept { const uint8_t f = as.ss.ss_family; if (f == a.as.ss.ss_family) { @@ -431,7 +371,7 @@ struct InetAddress : public TriviallyCopyable { * @param a InetAddress to compare again * @return True if only IP portions are equal (false for non-IP or null addresses) */ - ZT_INLINE bool ipsEqual2(const InetAddress& a) const noexcept + ZT_INLINE bool ipsEqual2(const InetAddress &a) const noexcept { const uint8_t f = as.ss.ss_family; if (f == a.as.ss.ss_family) { @@ -447,10 +387,14 @@ struct InetAddress : public TriviallyCopyable { ZT_INLINE unsigned long hashCode() const noexcept { if (as.ss.ss_family == AF_INET) { - return (unsigned long)Utils::hash32(((uint32_t)as.sa_in.sin_addr.s_addr + (uint32_t)as.sa_in.sin_port) ^ (uint32_t)Utils::s_mapNonce); + return (unsigned long)Utils::hash32( + ((uint32_t)as.sa_in.sin_addr.s_addr + (uint32_t)as.sa_in.sin_port) ^ (uint32_t)Utils::s_mapNonce); } else if (as.ss.ss_family == AF_INET6) { - return (unsigned long)Utils::hash64((Utils::loadMachineEndian(as.sa_in6.sin6_addr.s6_addr) + Utils::loadMachineEndian(as.sa_in6.sin6_addr.s6_addr + 8) + (uint64_t)as.sa_in6.sin6_port) ^ Utils::s_mapNonce); + return (unsigned long)Utils::hash64( + (Utils::loadMachineEndian(as.sa_in6.sin6_addr.s6_addr) + + Utils::loadMachineEndian(as.sa_in6.sin6_addr.s6_addr + 8) + (uint64_t)as.sa_in6.sin6_port) + ^ Utils::s_mapNonce); } return Utils::fnv1a32(this, sizeof(InetAddress)); } @@ -468,40 +412,39 @@ struct InetAddress : public TriviallyCopyable { /** * @return True if address family is non-zero */ - explicit ZT_INLINE operator bool() const noexcept - { - return (as.ss.ss_family != 0); - } + explicit ZT_INLINE operator bool() const noexcept { return (as.ss.ss_family != 0); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_INETADDRESS_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_INETADDRESS_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_INETADDRESS_MARSHAL_SIZE_MAX]) const noexcept; - int unmarshal(const uint8_t* restrict data, int len) noexcept; + int unmarshal(const uint8_t *restrict data, int len) noexcept; - ZT_INLINE bool operator==(const InetAddress& a) const noexcept + ZT_INLINE bool operator==(const InetAddress &a) const noexcept { if (as.ss.ss_family == a.as.ss.ss_family) { if (as.ss.ss_family == AF_INET) - return ((as.sa_in.sin_port == a.as.sa_in.sin_port) && (as.sa_in.sin_addr.s_addr == a.as.sa_in.sin_addr.s_addr)); + return ( + (as.sa_in.sin_port == a.as.sa_in.sin_port) + && (as.sa_in.sin_addr.s_addr == a.as.sa_in.sin_addr.s_addr)); if (as.ss.ss_family == AF_INET6) - return ((as.sa_in6.sin6_port == a.as.sa_in6.sin6_port) && (memcmp(as.sa_in6.sin6_addr.s6_addr, a.as.sa_in6.sin6_addr.s6_addr, 16) == 0)); + return ( + (as.sa_in6.sin6_port == a.as.sa_in6.sin6_port) + && (memcmp(as.sa_in6.sin6_addr.s6_addr, a.as.sa_in6.sin6_addr.s6_addr, 16) == 0)); return memcmp(this, &a, sizeof(InetAddress)) == 0; } return false; } - ZT_INLINE bool operator<(const InetAddress& a) const noexcept + ZT_INLINE bool operator<(const InetAddress &a) const noexcept { if (as.ss.ss_family == a.as.ss.ss_family) { if (as.ss.ss_family == AF_INET) { const uint16_t p0 = Utils::ntoh((uint16_t)as.sa_in.sin_port); const uint16_t p1 = Utils::ntoh((uint16_t)a.as.sa_in.sin_port); if (p0 == p1) - return Utils::ntoh((uint32_t)as.sa_in.sin_addr.s_addr) < Utils::ntoh((uint32_t)a.as.sa_in.sin_addr.s_addr); + return Utils::ntoh((uint32_t)as.sa_in.sin_addr.s_addr) + < Utils::ntoh((uint32_t)a.as.sa_in.sin_addr.s_addr); return p0 < p1; } if (as.ss.ss_family == AF_INET6) { @@ -516,25 +459,13 @@ struct InetAddress : public TriviallyCopyable { return as.ss.ss_family < a.as.ss.ss_family; } - ZT_INLINE bool operator!=(const InetAddress& a) const noexcept - { - return ! (*this == a); - } + ZT_INLINE bool operator!=(const InetAddress &a) const noexcept { return !(*this == a); } - ZT_INLINE bool operator>(const InetAddress& a) const noexcept - { - return (a < *this); - } + ZT_INLINE bool operator>(const InetAddress &a) const noexcept { return (a < *this); } - ZT_INLINE bool operator<=(const InetAddress& a) const noexcept - { - return ! (a < *this); - } + ZT_INLINE bool operator<=(const InetAddress &a) const noexcept { return !(a < *this); } - ZT_INLINE bool operator>=(const InetAddress& a) const noexcept - { - return ! (*this < a); - } + ZT_INLINE bool operator>=(const InetAddress &a) const noexcept { return !(*this < a); } /** * Compute an IPv6 link-local address @@ -542,7 +473,7 @@ struct InetAddress : public TriviallyCopyable { * @param mac MAC address seed * @return IPv6 link-local address */ - static InetAddress makeIpv6LinkLocal(const MAC& mac) noexcept; + static InetAddress makeIpv6LinkLocal(const MAC &mac) noexcept; /** * Compute private IPv6 unicast address from network ID and ZeroTier address @@ -603,104 +534,89 @@ struct InetAddress : public TriviallyCopyable { } as; }; -static ZT_INLINE InetAddress* asInetAddress(sockaddr_in* const p) noexcept +static ZT_INLINE InetAddress *asInetAddress(sockaddr_in *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE InetAddress* asInetAddress(sockaddr_in6* const p) noexcept +static ZT_INLINE InetAddress *asInetAddress(sockaddr_in6 *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE InetAddress* asInetAddress(sockaddr* const p) noexcept +static ZT_INLINE InetAddress *asInetAddress(sockaddr *const p) noexcept { return reinterpret_cast(p); } + +static ZT_INLINE InetAddress *asInetAddress(sockaddr_storage *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE InetAddress* asInetAddress(sockaddr_storage* const p) noexcept +static ZT_INLINE InetAddress *asInetAddress(ZT_InetAddress *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE InetAddress* asInetAddress(ZT_InetAddress* const p) noexcept +static ZT_INLINE const InetAddress *asInetAddress(const sockaddr_in *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE const InetAddress* asInetAddress(const sockaddr_in* const p) noexcept +static ZT_INLINE const InetAddress *asInetAddress(const sockaddr_in6 *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE const InetAddress* asInetAddress(const sockaddr_in6* const p) noexcept +static ZT_INLINE const InetAddress *asInetAddress(const sockaddr *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE const InetAddress* asInetAddress(const sockaddr* const p) noexcept +static ZT_INLINE const InetAddress *asInetAddress(const sockaddr_storage *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE const InetAddress* asInetAddress(const sockaddr_storage* const p) noexcept +static ZT_INLINE const InetAddress *asInetAddress(const ZT_InetAddress *const p) noexcept { - return reinterpret_cast(p); + return reinterpret_cast(p); } -static ZT_INLINE const InetAddress* asInetAddress(const ZT_InetAddress* const p) noexcept +static ZT_INLINE InetAddress &asInetAddress(sockaddr_in &p) noexcept { return *reinterpret_cast(&p); } + +static ZT_INLINE InetAddress &asInetAddress(sockaddr_in6 &p) noexcept { return *reinterpret_cast(&p); } + +static ZT_INLINE InetAddress &asInetAddress(sockaddr &p) noexcept { return *reinterpret_cast(&p); } + +static ZT_INLINE InetAddress &asInetAddress(sockaddr_storage &p) noexcept { - return reinterpret_cast(p); + return *reinterpret_cast(&p); } -static ZT_INLINE InetAddress& asInetAddress(sockaddr_in& p) noexcept +static ZT_INLINE InetAddress &asInetAddress(ZT_InetAddress &p) noexcept { return *reinterpret_cast(&p); } + +static ZT_INLINE const InetAddress &asInetAddress(const sockaddr_in &p) noexcept { - return *reinterpret_cast(&p); + return *reinterpret_cast(&p); } -static ZT_INLINE InetAddress& asInetAddress(sockaddr_in6& p) noexcept +static ZT_INLINE const InetAddress &asInetAddress(const sockaddr_in6 &p) noexcept { - return *reinterpret_cast(&p); + return *reinterpret_cast(&p); } -static ZT_INLINE InetAddress& asInetAddress(sockaddr& p) noexcept +static ZT_INLINE const InetAddress &asInetAddress(const sockaddr &p) noexcept { - return *reinterpret_cast(&p); + return *reinterpret_cast(&p); } -static ZT_INLINE InetAddress& asInetAddress(sockaddr_storage& p) noexcept +static ZT_INLINE const InetAddress &asInetAddress(const sockaddr_storage &p) noexcept { - return *reinterpret_cast(&p); + return *reinterpret_cast(&p); } -static ZT_INLINE InetAddress& asInetAddress(ZT_InetAddress& p) noexcept +static ZT_INLINE const InetAddress &asInetAddress(const ZT_InetAddress &p) noexcept { - return *reinterpret_cast(&p); -} - -static ZT_INLINE const InetAddress& asInetAddress(const sockaddr_in& p) noexcept -{ - return *reinterpret_cast(&p); -} - -static ZT_INLINE const InetAddress& asInetAddress(const sockaddr_in6& p) noexcept -{ - return *reinterpret_cast(&p); -} - -static ZT_INLINE const InetAddress& asInetAddress(const sockaddr& p) noexcept -{ - return *reinterpret_cast(&p); -} - -static ZT_INLINE const InetAddress& asInetAddress(const sockaddr_storage& p) noexcept -{ - return *reinterpret_cast(&p); -} - -static ZT_INLINE const InetAddress& asInetAddress(const ZT_InetAddress& p) noexcept -{ - return *reinterpret_cast(&p); + return *reinterpret_cast(&p); } } // namespace ZeroTier diff --git a/core/LZ4.cpp b/core/LZ4.cpp index 74f1d4d2c..e002d51fc 100644 --- a/core/LZ4.cpp +++ b/core/LZ4.cpp @@ -64,7 +64,7 @@ namespace { typedef union LZ4_stream_u LZ4_stream_t; /* incomplete type (defined later) */ -FORCE_INLINE void LZ4_resetStream(LZ4_stream_t* streamPtr); +FORCE_INLINE void LZ4_resetStream(LZ4_stream_t *streamPtr); #define LZ4_HASHLOG (LZ4_MEMORY_USAGE - 2) #define LZ4_HASH_SIZE_U32 (1 << LZ4_HASHLOG) /* required as macro for static allocation */ @@ -73,15 +73,15 @@ typedef struct { uint32_t hashTable[LZ4_HASH_SIZE_U32]; uint32_t currentOffset; uint32_t initCheck; - const uint8_t* dictionary; - uint8_t* bufferStart; /* obsolete, used for slideInputBuffer */ + const uint8_t *dictionary; + uint8_t *bufferStart; /* obsolete, used for slideInputBuffer */ uint32_t dictSize; } LZ4_stream_t_internal; typedef struct { - const uint8_t* externalDict; + const uint8_t *externalDict; size_t extDictSize; - const uint8_t* prefixEnd; + const uint8_t *prefixEnd; size_t prefixSize; } LZ4_streamDecode_t_internal; @@ -129,30 +129,15 @@ typedef uintptr_t reg_t; #endif #if defined(LZ4_FORCE_MEMORY_ACCESS) && (LZ4_FORCE_MEMORY_ACCESS == 2) -FORCE_INLINE U16 LZ4_read16(const void* memPtr) -{ - return *(const U16*)memPtr; -} +FORCE_INLINE U16 LZ4_read16(const void *memPtr) { return *(const U16 *)memPtr; } -FORCE_INLINE U32 LZ4_read32(const void* memPtr) -{ - return *(const U32*)memPtr; -} +FORCE_INLINE U32 LZ4_read32(const void *memPtr) { return *(const U32 *)memPtr; } -FORCE_INLINE reg_t LZ4_read_ARCH(const void* memPtr) -{ - return *(const reg_t*)memPtr; -} +FORCE_INLINE reg_t LZ4_read_ARCH(const void *memPtr) { return *(const reg_t *)memPtr; } -FORCE_INLINE void LZ4_write16(void* memPtr, U16 value) -{ - *(U16*)memPtr = value; -} +FORCE_INLINE void LZ4_write16(void *memPtr, U16 value) { *(U16 *)memPtr = value; } -FORCE_INLINE void LZ4_write32(void* memPtr, U32 value) -{ - *(U32*)memPtr = value; -} +FORCE_INLINE void LZ4_write32(void *memPtr, U32 value) { *(U32 *)memPtr = value; } #elif defined(LZ4_FORCE_MEMORY_ACCESS) && (LZ4_FORCE_MEMORY_ACCESS == 1) typedef union { @@ -160,88 +145,64 @@ typedef union { U32 u32; reg_t uArch; } __attribute__((packed)) unalign; -FORCE_INLINE U16 LZ4_read16(const void* ptr) -{ - return ((const unalign*)ptr)->u16; -} -FORCE_INLINE U32 LZ4_read32(const void* ptr) -{ - return ((const unalign*)ptr)->u32; -} -FORCE_INLINE reg_t LZ4_read_ARCH(const void* ptr) -{ - return ((const unalign*)ptr)->uArch; -} -FORCE_INLINE void LZ4_write16(void* memPtr, U16 value) -{ - ((unalign*)memPtr)->u16 = value; -} -FORCE_INLINE void LZ4_write32(void* memPtr, U32 value) -{ - ((unalign*)memPtr)->u32 = value; -} +FORCE_INLINE U16 LZ4_read16(const void *ptr) { return ((const unalign *)ptr)->u16; } +FORCE_INLINE U32 LZ4_read32(const void *ptr) { return ((const unalign *)ptr)->u32; } +FORCE_INLINE reg_t LZ4_read_ARCH(const void *ptr) { return ((const unalign *)ptr)->uArch; } +FORCE_INLINE void LZ4_write16(void *memPtr, U16 value) { ((unalign *)memPtr)->u16 = value; } +FORCE_INLINE void LZ4_write32(void *memPtr, U32 value) { ((unalign *)memPtr)->u32 = value; } #else /* safe and portable */ -FORCE_INLINE U16 LZ4_read16(const void* memPtr) +FORCE_INLINE U16 LZ4_read16(const void *memPtr) { U16 val; Utils::copy(&val, memPtr, sizeof(val)); return val; } -FORCE_INLINE U32 LZ4_read32(const void* memPtr) +FORCE_INLINE U32 LZ4_read32(const void *memPtr) { U32 val; Utils::copy(&val, memPtr, sizeof(val)); return val; } -FORCE_INLINE reg_t LZ4_read_ARCH(const void* memPtr) +FORCE_INLINE reg_t LZ4_read_ARCH(const void *memPtr) { reg_t val; Utils::copy(&val, memPtr, sizeof(val)); return val; } -FORCE_INLINE void LZ4_write16(void* memPtr, U16 value) -{ - Utils::copy(memPtr, &value, sizeof(value)); -} -FORCE_INLINE void LZ4_write32(void* memPtr, U32 value) -{ - Utils::copy(memPtr, &value, sizeof(value)); -} +FORCE_INLINE void LZ4_write16(void *memPtr, U16 value) { Utils::copy(memPtr, &value, sizeof(value)); } +FORCE_INLINE void LZ4_write32(void *memPtr, U32 value) { Utils::copy(memPtr, &value, sizeof(value)); } #endif /* LZ4_FORCE_MEMORY_ACCESS */ -FORCE_INLINE U16 LZ4_readLE16(const void* memPtr) +FORCE_INLINE U16 LZ4_readLE16(const void *memPtr) { if (LZ4_isLittleEndian()) { return LZ4_read16(memPtr); } else { - const BYTE* p = (const BYTE*)memPtr; + const BYTE *p = (const BYTE *)memPtr; return (U16)((U16)p[0] + (p[1] << 8)); } } -FORCE_INLINE void LZ4_writeLE16(void* memPtr, U16 value) +FORCE_INLINE void LZ4_writeLE16(void *memPtr, U16 value) { if (LZ4_isLittleEndian()) { LZ4_write16(memPtr, value); } else { - BYTE* p = (BYTE*)memPtr; - p[0] = (BYTE)value; - p[1] = (BYTE)(value >> 8); + BYTE *p = (BYTE *)memPtr; + p[0] = (BYTE)value; + p[1] = (BYTE)(value >> 8); } } -FORCE_INLINE void LZ4_copy8(void* dst, const void* src) -{ - Utils::copy<8>(dst, src); -} +FORCE_INLINE void LZ4_copy8(void *dst, const void *src) { Utils::copy<8>(dst, src); } -FORCE_INLINE void LZ4_wildCopy(void* dstPtr, const void* srcPtr, void* dstEnd) +FORCE_INLINE void LZ4_wildCopy(void *dstPtr, const void *srcPtr, void *dstEnd) { - BYTE* d = (BYTE*)dstPtr; - const BYTE* s = (const BYTE*)srcPtr; - BYTE* const e = (BYTE*)dstEnd; + BYTE *d = (BYTE *)dstPtr; + const BYTE *s = (const BYTE *)srcPtr; + BYTE *const e = (BYTE *)dstEnd; do { LZ4_copy8(d, s); d += 8; @@ -275,69 +236,71 @@ FORCE_INLINE unsigned LZ4_NbCommonBytes(reg_t val) { if (LZ4_isLittleEndian()) { if (sizeof(val) == 8) { -#if defined(_MSC_VER) && defined(_WIN64) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#if defined(_MSC_VER) && defined(_WIN64) && !defined(LZ4_FORCE_SW_BITCOUNT) unsigned long r = 0; _BitScanForward64(&r, (U64)val); return (int)(r >> 3); -#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && !defined(LZ4_FORCE_SW_BITCOUNT) return (__builtin_ctzll((U64)val) >> 3); #else - static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2, 0, 3, 1, 3, 1, 4, 2, 7, 0, 2, 3, 6, 1, 5, 3, 5, 1, 3, 4, 4, 2, 5, 6, 7, - 7, 0, 1, 2, 3, 3, 4, 6, 2, 6, 5, 5, 3, 4, 5, 6, 7, 1, 2, 4, 6, 4, 4, 5, 7, 2, 6, 5, 7, 6, 7, 7 }; + static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2, 0, 3, 1, 3, 1, 4, 2, 7, 0, 2, 3, 6, 1, 5, + 3, 5, 1, 3, 4, 4, 2, 5, 6, 7, 7, 0, 1, 2, 3, 3, 4, 6, 2, 6, 5, 5, + 3, 4, 5, 6, 7, 1, 2, 4, 6, 4, 4, 5, 7, 2, 6, 5, 7, 6, 7, 7 }; return DeBruijnBytePos[((U64)((val & -(long long)val) * 0x0218A392CDABBD3FULL)) >> 58]; #endif } else /* 32 bits */ { -#if defined(_MSC_VER) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT) unsigned long r; _BitScanForward(&r, (U32)val); return (int)(r >> 3); -#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && !defined(LZ4_FORCE_SW_BITCOUNT) return (__builtin_ctz((U32)val) >> 3); #else - static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0, 3, 2, 2, 1, 3, 2, 0, 1, 3, 3, 1, 2, 2, 2, 2, 0, 3, 1, 2, 0, 1, 0, 1, 1 }; + static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0, 3, 2, 2, 1, 3, 2, 0, 1, + 3, 3, 1, 2, 2, 2, 2, 0, 3, 1, 2, 0, 1, 0, 1, 1 }; return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27]; #endif } } else /* Big Endian CPU */ { if (sizeof(val) == 8) { -#if defined(_MSC_VER) && defined(_WIN64) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#if defined(_MSC_VER) && defined(_WIN64) && !defined(LZ4_FORCE_SW_BITCOUNT) unsigned long r = 0; _BitScanReverse64(&r, val); return (unsigned)(r >> 3); -#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && !defined(LZ4_FORCE_SW_BITCOUNT) return (__builtin_clzll((U64)val) >> 3); #else unsigned r; - if (! (val >> 32)) { + if (!(val >> 32)) { r = 4; } else { r = 0; val >>= 32; } - if (! (val >> 16)) { + if (!(val >> 16)) { r += 2; val >>= 8; } else { val >>= 24; } - r += (! val); + r += (!val); return r; #endif } else /* 32 bits */ { -#if defined(_MSC_VER) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT) unsigned long r = 0; _BitScanReverse(&r, (unsigned long)val); return (unsigned)(r >> 3); -#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && ! defined(LZ4_FORCE_SW_BITCOUNT) +#elif (defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 3))) && !defined(LZ4_FORCE_SW_BITCOUNT) return (__builtin_clz((U32)val) >> 3); #else unsigned r; - if (! (val >> 16)) { + if (!(val >> 16)) { r = 2; val >>= 8; } @@ -345,7 +308,7 @@ FORCE_INLINE unsigned LZ4_NbCommonBytes(reg_t val) r = 0; val >>= 24; } - r += (! val); + r += (!val); return r; #endif } @@ -353,13 +316,13 @@ FORCE_INLINE unsigned LZ4_NbCommonBytes(reg_t val) } #define STEPSIZE sizeof(reg_t) -FORCE_INLINE unsigned LZ4_count(const BYTE* pIn, const BYTE* pMatch, const BYTE* pInLimit) +FORCE_INLINE unsigned LZ4_count(const BYTE *pIn, const BYTE *pMatch, const BYTE *pInLimit) { - const BYTE* const pStart = pIn; + const BYTE *const pStart = pIn; while (likely(pIn < pInLimit - (STEPSIZE - 1))) { reg_t const diff = LZ4_read_ARCH(pMatch) ^ LZ4_read_ARCH(pIn); - if (! diff) { + if (!diff) { pIn += STEPSIZE; pMatch += STEPSIZE; continue; @@ -381,7 +344,7 @@ FORCE_INLINE unsigned LZ4_count(const BYTE* pIn, const BYTE* pMatch, const BYTE* return (unsigned)(pIn - pStart); } -static const int LZ4_64Klimit = ((64 KB) + (MFLIMIT - 1)); +static const int LZ4_64Klimit = ((64 KB) + (MFLIMIT - 1)); static const U32 LZ4_skipTrigger = 6; /* Increase this value ==> compression run slower on incompressible data */ typedef enum { notLimited = 0, limitedOutput = 1 } limitedOutput_directive; @@ -393,10 +356,7 @@ typedef enum { noDictIssue = 0, dictSmall } dictIssue_directive; typedef enum { endOnOutputSize = 0, endOnInputSize = 1 } endCondition_directive; typedef enum { full = 0, partial = 1 } earlyEnd_directive; -FORCE_INLINE int LZ4_compressBound(int isize) -{ - return LZ4_COMPRESSBOUND(isize); -} +FORCE_INLINE int LZ4_compressBound(int isize) { return LZ4_COMPRESSBOUND(isize); } FORCE_INLINE U32 LZ4_hash4(U32 sequence, tableType_t const tableType) { @@ -410,95 +370,89 @@ FORCE_INLINE U32 LZ4_hash5(U64 sequence, tableType_t const tableType) { static const U64 prime5bytes = 889523592379ULL; static const U64 prime8bytes = 11400714785074694791ULL; - const U32 hashLog = (tableType == byU16) ? LZ4_HASHLOG + 1 : LZ4_HASHLOG; + const U32 hashLog = (tableType == byU16) ? LZ4_HASHLOG + 1 : LZ4_HASHLOG; if (LZ4_isLittleEndian()) return (U32)(((sequence << 24) * prime5bytes) >> (64 - hashLog)); else return (U32)(((sequence >> 24) * prime8bytes) >> (64 - hashLog)); } -FORCE_INLINE U32 LZ4_hashPosition(const void* const p, tableType_t const tableType) +FORCE_INLINE U32 LZ4_hashPosition(const void *const p, tableType_t const tableType) { if ((sizeof(reg_t) == 8) && (tableType != byU16)) return LZ4_hash5(LZ4_read_ARCH(p), tableType); return LZ4_hash4(LZ4_read32(p), tableType); } -FORCE_INLINE void LZ4_putPositionOnHash(const BYTE* p, U32 h, void* tableBase, tableType_t const tableType, const BYTE* srcBase) +FORCE_INLINE void +LZ4_putPositionOnHash(const BYTE *p, U32 h, void *tableBase, tableType_t const tableType, const BYTE *srcBase) { switch (tableType) { case byPtr: { - const BYTE** hashTable = (const BYTE**)tableBase; - hashTable[h] = p; + const BYTE **hashTable = (const BYTE **)tableBase; + hashTable[h] = p; return; } case byU32: { - U32* hashTable = (U32*)tableBase; - hashTable[h] = (U32)(p - srcBase); + U32 *hashTable = (U32 *)tableBase; + hashTable[h] = (U32)(p - srcBase); return; } case byU16: { - U16* hashTable = (U16*)tableBase; - hashTable[h] = (U16)(p - srcBase); + U16 *hashTable = (U16 *)tableBase; + hashTable[h] = (U16)(p - srcBase); return; } } } -FORCE_INLINE void LZ4_putPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase) +FORCE_INLINE void LZ4_putPosition(const BYTE *p, void *tableBase, tableType_t tableType, const BYTE *srcBase) { U32 const h = LZ4_hashPosition(p, tableType); LZ4_putPositionOnHash(p, h, tableBase, tableType, srcBase); } -FORCE_INLINE const BYTE* LZ4_getPositionOnHash(U32 h, void* tableBase, tableType_t tableType, const BYTE* srcBase) +FORCE_INLINE const BYTE *LZ4_getPositionOnHash(U32 h, void *tableBase, tableType_t tableType, const BYTE *srcBase) { if (tableType == byPtr) { - const BYTE** hashTable = (const BYTE**)tableBase; + const BYTE **hashTable = (const BYTE **)tableBase; return hashTable[h]; } if (tableType == byU32) { - const U32* const hashTable = (U32*)tableBase; + const U32 *const hashTable = (U32 *)tableBase; return hashTable[h] + srcBase; } { - const U16* const hashTable = (U16*)tableBase; + const U16 *const hashTable = (U16 *)tableBase; return hashTable[h] + srcBase; } /* default, to ensure a return */ } -FORCE_INLINE const BYTE* LZ4_getPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase) +FORCE_INLINE const BYTE *LZ4_getPosition(const BYTE *p, void *tableBase, tableType_t tableType, const BYTE *srcBase) { U32 const h = LZ4_hashPosition(p, tableType); return LZ4_getPositionOnHash(h, tableBase, tableType, srcBase); } FORCE_INLINE int LZ4_compress_generic( - LZ4_stream_t_internal* const cctx, - const char* const source, - char* const dest, - const int inputSize, - const int maxOutputSize, - const limitedOutput_directive outputLimited, - const tableType_t tableType, - const dict_directive dict, - const dictIssue_directive dictIssue, - const U32 acceleration) + LZ4_stream_t_internal *const cctx, const char *const source, char *const dest, const int inputSize, + const int maxOutputSize, const limitedOutput_directive outputLimited, const tableType_t tableType, + const dict_directive dict, const dictIssue_directive dictIssue, const U32 acceleration) { - const BYTE* ip = (const BYTE*)source; - const BYTE* base; - const BYTE* lowLimit; - const BYTE* const lowRefLimit = ip - cctx->dictSize; - const BYTE* const dictionary = cctx->dictionary; - const BYTE* const dictEnd = dictionary + cctx->dictSize; - const ptrdiff_t dictDelta = dictEnd - (const BYTE*)source; - const BYTE* anchor = (const BYTE*)source; - const BYTE* const iend = ip + inputSize; - const BYTE* const mflimit = iend - MFLIMIT; - const BYTE* const matchlimit = iend - LASTLITERALS; + const BYTE *ip = (const BYTE *)source; + const BYTE *base; + const BYTE *lowLimit; + const BYTE *const lowRefLimit = ip - cctx->dictSize; + const BYTE *const dictionary = cctx->dictionary; + const BYTE *const dictEnd = dictionary + cctx->dictSize; + const ptrdiff_t dictDelta = dictEnd - (const BYTE *)source; + const BYTE *anchor = (const BYTE *)source; + const BYTE *const iend = ip + inputSize; + const BYTE *const mflimit = iend - MFLIMIT; + const BYTE *const matchlimit = iend - LASTLITERALS; - BYTE* op = (BYTE*)dest; - BYTE* const olimit = op + maxOutputSize; + BYTE *op = (BYTE *)dest; + BYTE *const olimit = op + maxOutputSize; U32 forwardH; @@ -508,16 +462,16 @@ FORCE_INLINE int LZ4_compress_generic( switch (dict) { case noDict: default: - base = (const BYTE*)source; - lowLimit = (const BYTE*)source; + base = (const BYTE *)source; + lowLimit = (const BYTE *)source; break; case withPrefix64k: - base = (const BYTE*)source - cctx->currentOffset; - lowLimit = (const BYTE*)source - cctx->dictSize; + base = (const BYTE *)source - cctx->currentOffset; + lowLimit = (const BYTE *)source - cctx->dictSize; break; case usingExtDict: - base = (const BYTE*)source - cctx->currentOffset; - lowLimit = (const BYTE*)source; + base = (const BYTE *)source - cctx->currentOffset; + lowLimit = (const BYTE *)source; break; } if ((tableType == byU16) && (inputSize >= LZ4_64Klimit)) @@ -533,17 +487,17 @@ FORCE_INLINE int LZ4_compress_generic( /* Main Loop */ for (;;) { ptrdiff_t refDelta = 0; - const BYTE* match; - BYTE* token; + const BYTE *match; + BYTE *token; /* Find a match */ { - const BYTE* forwardIp = ip; - unsigned step = 1; + const BYTE *forwardIp = ip; + unsigned step = 1; unsigned searchMatchNb = acceleration << LZ4_skipTrigger; do { U32 const h = forwardH; - ip = forwardIp; + ip = forwardIp; forwardIp += step; step = (searchMatchNb++ >> LZ4_skipTrigger); @@ -552,19 +506,21 @@ FORCE_INLINE int LZ4_compress_generic( match = LZ4_getPositionOnHash(h, cctx->hashTable, tableType, base); if (dict == usingExtDict) { - if (match < (const BYTE*)source) { + if (match < (const BYTE *)source) { refDelta = dictDelta; lowLimit = dictionary; } else { refDelta = 0; - lowLimit = (const BYTE*)source; + lowLimit = (const BYTE *)source; } } forwardH = LZ4_hashPosition(forwardIp, tableType); LZ4_putPositionOnHash(ip, h, cctx->hashTable, tableType, base); - } while (((dictIssue == dictSmall) ? (match < lowRefLimit) : 0) || ((tableType == byU16) ? 0 : (match + MAX_DISTANCE < ip)) || (LZ4_read32(match + refDelta) != LZ4_read32(ip))); + } while (((dictIssue == dictSmall) ? (match < lowRefLimit) : 0) + || ((tableType == byU16) ? 0 : (match + MAX_DISTANCE < ip)) + || (LZ4_read32(match + refDelta) != LZ4_read32(ip))); } /* Catch up */ @@ -576,13 +532,13 @@ FORCE_INLINE int LZ4_compress_generic( /* Encode Literals */ { unsigned const litLength = (unsigned)(ip - anchor); - token = op++; + token = op++; if ((outputLimited) && /* Check output buffer overflow */ (unlikely(op + litLength + (2 + 1 + LASTLITERALS) + (litLength / 255) > olimit))) return 0; if (litLength >= RUN_MASK) { int len = (int)litLength - RUN_MASK; - *token = (RUN_MASK << ML_BITS); + *token = (RUN_MASK << ML_BITS); for (; len >= 255; len -= 255) *op++ = 255; *op++ = (BYTE)len; @@ -605,7 +561,7 @@ FORCE_INLINE int LZ4_compress_generic( unsigned matchCode; if ((dict == usingExtDict) && (lowLimit == dictionary)) { - const BYTE* limit; + const BYTE *limit; match += refDelta; limit = ip + (dictEnd - match); if (limit > matchlimit) @@ -613,7 +569,7 @@ FORCE_INLINE int LZ4_compress_generic( matchCode = LZ4_count(ip + MINMATCH, match + MINMATCH, limit); ip += MINMATCH + matchCode; if (ip == limit) { - unsigned const more = LZ4_count(ip, (const BYTE*)source, matchlimit); + unsigned const more = LZ4_count(ip, (const BYTE *)source, matchlimit); matchCode += more; ip += more; } @@ -651,18 +607,19 @@ FORCE_INLINE int LZ4_compress_generic( /* Test next position */ match = LZ4_getPosition(ip, cctx->hashTable, tableType, base); if (dict == usingExtDict) { - if (match < (const BYTE*)source) { + if (match < (const BYTE *)source) { refDelta = dictDelta; lowLimit = dictionary; } else { refDelta = 0; - lowLimit = (const BYTE*)source; + lowLimit = (const BYTE *)source; } } LZ4_putPosition(ip, cctx->hashTable, tableType, base); - if (((dictIssue == dictSmall) ? (match >= lowRefLimit) : 1) && (match + MAX_DISTANCE >= ip) && (LZ4_read32(match + refDelta) == LZ4_read32(ip))) { - token = op++; + if (((dictIssue == dictSmall) ? (match >= lowRefLimit) : 1) && (match + MAX_DISTANCE >= ip) + && (LZ4_read32(match + refDelta) == LZ4_read32(ip))) { + token = op++; *token = 0; goto _next_match; } @@ -676,11 +633,11 @@ _last_literals: { size_t const lastRun = (size_t)(iend - anchor); if ((outputLimited) && /* Check output buffer overflow */ - ((op - (BYTE*)dest) + lastRun + 1 + ((lastRun + 255 - RUN_MASK) / 255) > (U32)maxOutputSize)) + ((op - (BYTE *)dest) + lastRun + 1 + ((lastRun + 255 - RUN_MASK) / 255) > (U32)maxOutputSize)) return 0; if (lastRun >= RUN_MASK) { size_t accumulator = lastRun - RUN_MASK; - *op++ = RUN_MASK << ML_BITS; + *op++ = RUN_MASK << ML_BITS; for (; accumulator >= 255; accumulator -= 255) *op++ = 255; *op++ = (BYTE)accumulator; @@ -693,64 +650,66 @@ _last_literals: } /* End */ - return (int)(((char*)op) - dest); + return (int)(((char *)op) - dest); } -ZT_INLINE int LZ4_compress_fast_extState(void* state, const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) +ZT_INLINE int LZ4_compress_fast_extState( + void *state, const char *source, char *dest, int inputSize, int maxOutputSize, int acceleration) { - LZ4_stream_t_internal* ctx = &((LZ4_stream_t*)state)->internal_donotuse; - LZ4_resetStream((LZ4_stream_t*)state); + LZ4_stream_t_internal *ctx = &((LZ4_stream_t *)state)->internal_donotuse; + LZ4_resetStream((LZ4_stream_t *)state); // if (acceleration < 1) acceleration = ACCELERATION_DEFAULT; if (maxOutputSize >= LZ4_compressBound(inputSize)) { if (inputSize < LZ4_64Klimit) - return LZ4_compress_generic(ctx, source, dest, inputSize, 0, notLimited, byU16, noDict, noDictIssue, acceleration); + return LZ4_compress_generic( + ctx, source, dest, inputSize, 0, notLimited, byU16, noDict, noDictIssue, acceleration); else - return LZ4_compress_generic(ctx, source, dest, inputSize, 0, notLimited, (sizeof(void*) == 8) ? byU32 : byPtr, noDict, noDictIssue, acceleration); + return LZ4_compress_generic( + ctx, source, dest, inputSize, 0, notLimited, (sizeof(void *) == 8) ? byU32 : byPtr, noDict, noDictIssue, + acceleration); } else { if (inputSize < LZ4_64Klimit) - return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); + return LZ4_compress_generic( + ctx, source, dest, inputSize, maxOutputSize, limitedOutput, byU16, noDict, noDictIssue, acceleration); else - return LZ4_compress_generic(ctx, source, dest, inputSize, maxOutputSize, limitedOutput, (sizeof(void*) == 8) ? byU32 : byPtr, noDict, noDictIssue, acceleration); + return LZ4_compress_generic( + ctx, source, dest, inputSize, maxOutputSize, limitedOutput, (sizeof(void *) == 8) ? byU32 : byPtr, + noDict, noDictIssue, acceleration); } } -FORCE_INLINE void LZ4_resetStream(LZ4_stream_t* LZ4_stream) -{ - Utils::zero(LZ4_stream); -} +FORCE_INLINE void LZ4_resetStream(LZ4_stream_t *LZ4_stream) { Utils::zero(LZ4_stream); } FORCE_INLINE int LZ4_decompress_generic( - const char* const source, - char* const dest, - int inputSize, + const char *const source, char *const dest, int inputSize, int outputSize, /* If endOnInput==endOnInputSize, this value is the max size of Output Buffer. */ int endOnInput, /* endOnOutputSize, endOnInputSize */ int partialDecoding, /* full, partial */ int targetOutputSize, /* only used if partialDecoding==partial */ int dict, /* noDict, withPrefix64k, usingExtDict */ - const BYTE* const lowPrefix, /* == dest when no prefix */ - const BYTE* const dictStart, /* only if dict==usingExtDict */ + const BYTE *const lowPrefix, /* == dest when no prefix */ + const BYTE *const dictStart, /* only if dict==usingExtDict */ const size_t dictSize /* note : = 0 if noDict */ ) { /* Local Variables */ - const BYTE* ip = (const BYTE*)source; - const BYTE* const iend = ip + inputSize; + const BYTE *ip = (const BYTE *)source; + const BYTE *const iend = ip + inputSize; - BYTE* op = (BYTE*)dest; - BYTE* const oend = op + outputSize; - BYTE* cpy; - BYTE* oexit = op + targetOutputSize; - const BYTE* const lowLimit = lowPrefix - dictSize; + BYTE *op = (BYTE *)dest; + BYTE *const oend = op + outputSize; + BYTE *cpy; + BYTE *oexit = op + targetOutputSize; + const BYTE *const lowLimit = lowPrefix - dictSize; - const BYTE* const dictEnd = (const BYTE*)dictStart + dictSize; + const BYTE *const dictEnd = (const BYTE *)dictStart + dictSize; const unsigned dec32table[] = { 0, 1, 2, 1, 4, 4, 4, 4 }; - const int dec64table[] = { 0, 0, 0, -1, 0, 1, 2, 3 }; + const int dec64table[] = { 0, 0, 0, -1, 0, 1, 2, 3 }; - const int safeDecode = (endOnInput == endOnInputSize); + const int safeDecode = (endOnInput == endOnInputSize); const int checkOffset = ((safeDecode) && (dictSize < (int)(64 KB))); /* Special cases */ @@ -758,13 +717,13 @@ FORCE_INLINE int LZ4_decompress_generic( oexit = oend - MFLIMIT; /* targetOutputSize too high => decode everything */ if ((endOnInput) && (unlikely(outputSize == 0))) return ((inputSize == 1) && (*ip == 0)) ? 0 : -1; /* Empty output buffer */ - if ((! endOnInput) && (unlikely(outputSize == 0))) + if ((!endOnInput) && (unlikely(outputSize == 0))) return (*ip == 0 ? 1 : -1); /* Main Loop : decode sequences */ while (1) { size_t length; - const BYTE* match; + const BYTE *match; size_t offset; /* get literal length */ @@ -783,7 +742,9 @@ FORCE_INLINE int LZ4_decompress_generic( /* copy literals */ cpy = op + length; - if (((endOnInput) && ((cpy > (partialDecoding ? oexit : oend - MFLIMIT)) || (ip + length > iend - (2 + 1 + LASTLITERALS)))) || ((! endOnInput) && (cpy > oend - WILDCOPYLENGTH))) { + if (((endOnInput) + && ((cpy > (partialDecoding ? oexit : oend - MFLIMIT)) || (ip + length > iend - (2 + 1 + LASTLITERALS)))) + || ((!endOnInput) && (cpy > oend - WILDCOPYLENGTH))) { if (partialDecoding) { if (cpy > oend) goto _output_error; /* Error : write attempt beyond end of output buffer */ @@ -791,7 +752,7 @@ FORCE_INLINE int LZ4_decompress_generic( goto _output_error; /* Error : read attempt beyond end of input buffer */ } else { - if ((! endOnInput) && (cpy != oend)) + if ((!endOnInput) && (cpy != oend)) goto _output_error; /* Error : block decoding must stop exactly there */ if ((endOnInput) && ((ip + length != iend) || (cpy > oend))) goto _output_error; /* Error : input must be consumed */ @@ -845,8 +806,8 @@ FORCE_INLINE int LZ4_decompress_generic( Utils::copy(op, dictEnd - copySize, copySize); op += copySize; if (restSize > (size_t)(op - lowPrefix)) { /* overlap copy */ - BYTE* const endOfMatch = op + restSize; - const BYTE* copyFrom = lowPrefix; + BYTE *const endOfMatch = op + restSize; + const BYTE *copyFrom = lowPrefix; while (op < endOfMatch) *op++ = *copyFrom++; } @@ -862,10 +823,10 @@ FORCE_INLINE int LZ4_decompress_generic( cpy = op + length; if (unlikely(offset < 8)) { const int dec64 = dec64table[offset]; - op[0] = match[0]; - op[1] = match[1]; - op[2] = match[2]; - op[3] = match[3]; + op[0] = match[0]; + op[1] = match[1]; + op[2] = match[2]; + op[3] = match[3]; match += dec32table[offset]; Utils::copy<4>(op + 4, match); match -= dec64; @@ -877,7 +838,7 @@ FORCE_INLINE int LZ4_decompress_generic( op += 8; if (unlikely(cpy > oend - 12)) { - BYTE* const oCopyLimit = oend - (WILDCOPYLENGTH - 1); + BYTE *const oCopyLimit = oend - (WILDCOPYLENGTH - 1); if (cpy > oend - LASTLITERALS) goto _output_error; /* Error : last LASTLITERALS bytes must be literals (uncompressed) */ if (op < oCopyLimit) { @@ -898,24 +859,24 @@ FORCE_INLINE int LZ4_decompress_generic( /* end of decoding */ if (endOnInput) - return (int)(((char*)op) - dest); /* Nb of output bytes decoded */ + return (int)(((char *)op) - dest); /* Nb of output bytes decoded */ else - return (int)(((const char*)ip) - source); /* Nb of input bytes read */ + return (int)(((const char *)ip) - source); /* Nb of input bytes read */ /* Overflow error detected */ _output_error: - return (int)(-(((const char*)ip) - source)) - 1; + return (int)(-(((const char *)ip) - source)) - 1; } } // anonymous namespace -int LZ4_compress_fast(const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration) noexcept +int LZ4_compress_fast(const char *source, char *dest, int inputSize, int maxOutputSize, int acceleration) noexcept { #if (HEAPMODE) - void* ctxPtr = ALLOCATOR(1, sizeof(LZ4_stream_t)); /* malloc-calloc always properly aligned */ + void *ctxPtr = ALLOCATOR(1, sizeof(LZ4_stream_t)); /* malloc-calloc always properly aligned */ #else LZ4_stream_t ctx; - void* const ctxPtr = &ctx; + void *const ctxPtr = &ctx; #endif int const result = LZ4_compress_fast_extState(ctxPtr, source, dest, inputSize, maxOutputSize, acceleration); @@ -926,9 +887,10 @@ int LZ4_compress_fast(const char* source, char* dest, int inputSize, int maxOutp return result; } -int LZ4_decompress_safe(const char* source, char* dest, int compressedSize, int maxDecompressedSize) noexcept +int LZ4_decompress_safe(const char *source, char *dest, int compressedSize, int maxDecompressedSize) noexcept { - return LZ4_decompress_generic(source, dest, compressedSize, maxDecompressedSize, endOnInputSize, full, 0, noDict, (BYTE*)dest, NULL, 0); + return LZ4_decompress_generic( + source, dest, compressedSize, maxDecompressedSize, endOnInputSize, full, 0, noDict, (BYTE *)dest, NULL, 0); } } // namespace ZeroTier diff --git a/core/LZ4.hpp b/core/LZ4.hpp index 2db41b37e..ce049a515 100644 --- a/core/LZ4.hpp +++ b/core/LZ4.hpp @@ -21,8 +21,8 @@ namespace ZeroTier { #define LZ4_MAX_INPUT_SIZE 0x7E000000 #define LZ4_COMPRESSBOUND(isize) ((unsigned)(isize) > (unsigned)LZ4_MAX_INPUT_SIZE ? 0 : (isize) + ((isize) / 255) + 16) -int LZ4_compress_fast(const char* source, char* dest, int inputSize, int maxOutputSize, int acceleration = 1) noexcept; -int LZ4_decompress_safe(const char* source, char* dest, int compressedSize, int maxDecompressedSize) noexcept; +int LZ4_compress_fast(const char *source, char *dest, int inputSize, int maxOutputSize, int acceleration = 1) noexcept; +int LZ4_decompress_safe(const char *source, char *dest, int compressedSize, int maxDecompressedSize) noexcept; } // namespace ZeroTier diff --git a/core/Locator.cpp b/core/Locator.cpp index 7bcab3839..06101457e 100644 --- a/core/Locator.cpp +++ b/core/Locator.cpp @@ -19,11 +19,12 @@ namespace ZeroTier { -const SharedPtr Locator::EndpointAttributes::DEFAULT(new Locator::EndpointAttributes()); +const SharedPtr + Locator::EndpointAttributes::DEFAULT(new Locator::EndpointAttributes()); -Locator::Locator(const char* const str) noexcept : __refCount(0) +Locator::Locator(const char *const str) noexcept : __refCount(0) { - if (! fromString(str)) { + if (!fromString(str)) { m_revision = 0; m_signer.zero(); m_endpoints.clear(); @@ -31,25 +32,27 @@ Locator::Locator(const char* const str) noexcept : __refCount(0) } } -bool Locator::add(const Endpoint& ep, const SharedPtr& a) +bool Locator::add(const Endpoint &ep, const SharedPtr &a) { - for (Vector > >::iterator i(m_endpoints.begin()); i != m_endpoints.end(); ++i) { + for (Vector>>::iterator i(m_endpoints.begin()); + i != m_endpoints.end(); ++i) { if (i->first == ep) { i->second = ((a) && (a->data[0] != 0)) ? a : EndpointAttributes::DEFAULT; return true; } } if (m_endpoints.size() < ZT_LOCATOR_MAX_ENDPOINTS) { - m_endpoints.push_back(std::pair >(ep, ((a) && (a->data[0] != 0)) ? a : EndpointAttributes::DEFAULT)); + m_endpoints.push_back(std::pair>( + ep, ((a) && (a->data[0] != 0)) ? a : EndpointAttributes::DEFAULT)); return true; } return false; } -bool Locator::sign(const int64_t rev, const Identity& id) noexcept +bool Locator::sign(const int64_t rev, const Identity &id) noexcept { m_revision = rev; - m_signer = id.address(); + m_signer = id.address(); m_sortEndpoints(); @@ -64,7 +67,7 @@ bool Locator::sign(const int64_t rev, const Identity& id) noexcept return true; } -bool Locator::verify(const Identity& id) const noexcept +bool Locator::verify(const Identity &id) const noexcept { try { if ((m_revision > 0) && (m_signer == id.address())) { @@ -78,19 +81,23 @@ bool Locator::verify(const Identity& id) const noexcept return false; } -char* Locator::toString(char s[ZT_LOCATOR_STRING_SIZE_MAX]) const noexcept +char *Locator::toString(char s[ZT_LOCATOR_STRING_SIZE_MAX]) const noexcept { - static_assert(ZT_LOCATOR_STRING_SIZE_MAX > ((((ZT_LOCATOR_MARSHAL_SIZE_MAX / 5) + 1) * 8) + ZT_ADDRESS_LENGTH_HEX + 1), "overflow"); + static_assert( + ZT_LOCATOR_STRING_SIZE_MAX > ((((ZT_LOCATOR_MARSHAL_SIZE_MAX / 5) + 1) * 8) + ZT_ADDRESS_LENGTH_HEX + 1), + "overflow"); uint8_t bin[ZT_LOCATOR_MARSHAL_SIZE_MAX]; m_signer.toString(s); s[ZT_ADDRESS_LENGTH_HEX] = '@'; - Utils::b32e(bin, marshal(bin, false), s + (ZT_ADDRESS_LENGTH_HEX + 1), ZT_LOCATOR_STRING_SIZE_MAX - (ZT_ADDRESS_LENGTH_HEX + 1)); + Utils::b32e( + bin, marshal(bin, false), s + (ZT_ADDRESS_LENGTH_HEX + 1), + ZT_LOCATOR_STRING_SIZE_MAX - (ZT_ADDRESS_LENGTH_HEX + 1)); return s; } -bool Locator::fromString(const char* s) noexcept +bool Locator::fromString(const char *s) noexcept { - if (! s) + if (!s) return false; if (strlen(s) < (ZT_ADDRESS_LENGTH_HEX + 1)) return false; @@ -109,7 +116,8 @@ int Locator::marshal(uint8_t data[ZT_LOCATOR_MARSHAL_SIZE_MAX], const bool exclu Utils::storeBigEndian(data + p, (uint16_t)m_endpoints.size()); p += 2; - for (Vector > >::const_iterator e(m_endpoints.begin()); e != m_endpoints.end(); ++e) { + for (Vector>>::const_iterator e(m_endpoints.begin()); + e != m_endpoints.end(); ++e) { int l = e->first.marshal(data + p); if (l <= 0) return -1; @@ -128,7 +136,7 @@ int Locator::marshal(uint8_t data[ZT_LOCATOR_MARSHAL_SIZE_MAX], const bool exclu Utils::storeMachineEndian(data + p, 0); // length of meta-data, currently always 0 p += 2; - if (! excludeSignature) { + if (!excludeSignature) { Utils::storeBigEndian(data + p, (uint16_t)m_signature.size()); p += 2; Utils::copy(data + p, m_signature.data(), m_signature.size()); @@ -138,7 +146,7 @@ int Locator::marshal(uint8_t data[ZT_LOCATOR_MARSHAL_SIZE_MAX], const bool exclu return p; } -int Locator::unmarshal(const uint8_t* data, const int len) noexcept +int Locator::unmarshal(const uint8_t *data, const int len) noexcept { if (unlikely(len < (8 + ZT_ADDRESS_LENGTH))) return -1; @@ -169,7 +177,7 @@ int Locator::unmarshal(const uint8_t* data, const int len) noexcept } else { m_endpoints[i].second.set(new EndpointAttributes()); - Utils::copy(const_cast(m_endpoints[i].second->data), data + p, (unsigned int)l); + Utils::copy(const_cast(m_endpoints[i].second->data), data + p, (unsigned int)l); p += l; } } @@ -198,15 +206,14 @@ int Locator::unmarshal(const uint8_t* data, const int len) noexcept struct p_SortByEndpoint { // There can't be more than one of the same endpoint, so only need to sort // by endpoint. - ZT_INLINE bool operator()(const std::pair >& a, const std::pair >& b) const noexcept + ZT_INLINE bool operator()( + const std::pair> &a, + const std::pair> &b) const noexcept { return a.first < b.first; } }; -void Locator::m_sortEndpoints() noexcept -{ - std::sort(m_endpoints.begin(), m_endpoints.end(), p_SortByEndpoint()); -} +void Locator::m_sortEndpoints() noexcept { std::sort(m_endpoints.begin(), m_endpoints.end(), p_SortByEndpoint()); } } // namespace ZeroTier diff --git a/core/Locator.hpp b/core/Locator.hpp index 921e60a94..20e0ecfd9 100644 --- a/core/Locator.hpp +++ b/core/Locator.hpp @@ -35,7 +35,10 @@ */ #define ZT_LOCATOR_MAX_ENDPOINTS 16 -#define ZT_LOCATOR_MARSHAL_SIZE_MAX (8 + ZT_ADDRESS_LENGTH + 2 + (ZT_LOCATOR_MAX_ENDPOINTS * (ZT_ENDPOINT_MARSHAL_SIZE_MAX + ZT_LOCATOR_MAX_ENDPOINT_ATTRIBUTES_SIZE)) + 2 + 2 + ZT_SIGNATURE_BUFFER_SIZE) +#define ZT_LOCATOR_MARSHAL_SIZE_MAX \ + (8 + ZT_ADDRESS_LENGTH + 2 \ + + (ZT_LOCATOR_MAX_ENDPOINTS * (ZT_ENDPOINT_MARSHAL_SIZE_MAX + ZT_LOCATOR_MAX_ENDPOINT_ATTRIBUTES_SIZE)) + 2 + 2 \ + + ZT_SIGNATURE_BUFFER_SIZE) /** * Maximum size of a string format Locator (this is way larger than needed) @@ -78,50 +81,33 @@ class Locator { */ uint8_t data[ZT_LOCATOR_MAX_ENDPOINT_ATTRIBUTES_SIZE]; - ZT_INLINE EndpointAttributes() noexcept - { - Utils::zero(data); - } + ZT_INLINE EndpointAttributes() noexcept { Utils::zero(data); } - ZT_INLINE bool operator==(const EndpointAttributes& a) const noexcept + ZT_INLINE bool operator==(const EndpointAttributes &a) const noexcept { return ((data[0] == a.data[0]) && (memcmp(data, a.data, data[0]) == 0)); } - ZT_INLINE bool operator<(const EndpointAttributes& a) const noexcept + ZT_INLINE bool operator<(const EndpointAttributes &a) const noexcept { return ((data[0] < a.data[0]) || ((data[0] == a.data[0]) && (memcmp(data, a.data, data[0]) < 0))); } - ZT_INLINE bool operator!=(const EndpointAttributes& a) const noexcept - { - return ! (*this == a); - } + ZT_INLINE bool operator!=(const EndpointAttributes &a) const noexcept { return !(*this == a); } - ZT_INLINE bool operator>(const EndpointAttributes& a) const noexcept - { - return (a < *this); - } + ZT_INLINE bool operator>(const EndpointAttributes &a) const noexcept { return (a < *this); } - ZT_INLINE bool operator<=(const EndpointAttributes& a) const noexcept - { - return ! (a < *this); - } + ZT_INLINE bool operator<=(const EndpointAttributes &a) const noexcept { return !(a < *this); } - ZT_INLINE bool operator>=(const EndpointAttributes& a) const noexcept - { - return ! (*this < a); - } + ZT_INLINE bool operator>=(const EndpointAttributes &a) const noexcept { return !(*this < a); } private: std::atomic __refCount; }; - ZT_INLINE Locator() noexcept : m_revision(0) - { - } + ZT_INLINE Locator() noexcept : m_revision(0) {} - ZT_INLINE Locator(const Locator& l) noexcept + ZT_INLINE Locator(const Locator &l) noexcept : m_revision(l.m_revision) , m_signer(l.m_signer) , m_endpoints(l.m_endpoints) @@ -130,28 +116,22 @@ class Locator { { } - explicit Locator(const char* const str) noexcept; + explicit Locator(const char *const str) noexcept; /** * @return Timestamp (a.k.a. revision number) set by Location signer */ - ZT_INLINE int64_t revision() const noexcept - { - return m_revision; - } + ZT_INLINE int64_t revision() const noexcept { return m_revision; } /** * @return ZeroTier address of signer */ - ZT_INLINE Address signer() const noexcept - { - return m_signer; - } + ZT_INLINE Address signer() const noexcept { return m_signer; } /** * @return Endpoints specified in locator */ - ZT_INLINE const Vector > >& endpoints() const noexcept + ZT_INLINE const Vector>> &endpoints() const noexcept { return m_endpoints; } @@ -159,10 +139,7 @@ class Locator { /** * @return Signature data */ - ZT_INLINE const FCV& signature() const noexcept - { - return m_signature; - } + ZT_INLINE const FCV &signature() const noexcept { return m_signature; } /** * Add an endpoint to this locator @@ -174,7 +151,7 @@ class Locator { * @param a Endpoint attributes or NULL to use default * @return True if endpoint was added (or already present), false if locator is full */ - bool add(const Endpoint& ep, const SharedPtr& a); + bool add(const Endpoint &ep, const SharedPtr &a); /** * Sign this locator @@ -185,7 +162,7 @@ class Locator { * @param id Identity that includes private key * @return True if signature successful */ - bool sign(int64_t rev, const Identity& id) noexcept; + bool sign(int64_t rev, const Identity &id) noexcept; /** * Verify this Locator's validity and signature @@ -193,7 +170,7 @@ class Locator { * @param id Identity corresponding to hash * @return True if valid and signature checks out */ - bool verify(const Identity& id) const noexcept; + bool verify(const Identity &id) const noexcept; /** * Convert this locator to a string @@ -201,7 +178,7 @@ class Locator { * @param s String buffer * @return Pointer to buffer */ - char* toString(char s[ZT_LOCATOR_STRING_SIZE_MAX]) const noexcept; + char *toString(char s[ZT_LOCATOR_STRING_SIZE_MAX]) const noexcept; ZT_INLINE String toString() const { @@ -215,34 +192,29 @@ class Locator { * @param s Locator from toString() * @return True if format was valid */ - bool fromString(const char* s) noexcept; + bool fromString(const char *s) noexcept; - explicit ZT_INLINE operator bool() const noexcept - { - return m_revision > 0; - } + explicit ZT_INLINE operator bool() const noexcept { return m_revision > 0; } - static constexpr int marshalSizeMax() noexcept - { - return ZT_LOCATOR_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_LOCATOR_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_LOCATOR_MARSHAL_SIZE_MAX], bool excludeSignature = false) const noexcept; - int unmarshal(const uint8_t* data, int len) noexcept; + int unmarshal(const uint8_t *data, int len) noexcept; - ZT_INLINE bool operator==(const Locator& l) const noexcept + ZT_INLINE bool operator==(const Locator &l) const noexcept { const unsigned long es = (unsigned long)m_endpoints.size(); - if ((m_revision == l.m_revision) && (m_signer == l.m_signer) && (es == (unsigned long)l.m_endpoints.size()) && (m_signature == l.m_signature)) { + if ((m_revision == l.m_revision) && (m_signer == l.m_signer) && (es == (unsigned long)l.m_endpoints.size()) + && (m_signature == l.m_signature)) { for (unsigned long i = 0; i < es; ++i) { if (m_endpoints[i].first != l.m_endpoints[i].first) return false; - if (! m_endpoints[i].second) { + if (!m_endpoints[i].second) { if (l.m_endpoints[i].second) return false; } else { - if ((! l.m_endpoints[i].second) || (*(m_endpoints[i].second) != *(l.m_endpoints[i].second))) + if ((!l.m_endpoints[i].second) || (*(m_endpoints[i].second) != *(l.m_endpoints[i].second))) return false; } } @@ -251,17 +223,14 @@ class Locator { return false; } - ZT_INLINE bool operator!=(const Locator& l) const noexcept - { - return ! (*this == l); - } + ZT_INLINE bool operator!=(const Locator &l) const noexcept { return !(*this == l); } private: void m_sortEndpoints() noexcept; int64_t m_revision; Address m_signer; - Vector > > m_endpoints; + Vector>> m_endpoints; FCV m_signature; std::atomic __refCount; }; diff --git a/core/MAC.hpp b/core/MAC.hpp index 69686ff8b..30a37d7e8 100644 --- a/core/MAC.hpp +++ b/core/MAC.hpp @@ -27,44 +27,31 @@ namespace ZeroTier { */ class MAC : public TriviallyCopyable { public: - ZT_INLINE MAC() noexcept : m_mac(0ULL) + ZT_INLINE MAC() noexcept : m_mac(0ULL) {} + + ZT_INLINE + MAC(const uint8_t a, const uint8_t b, const uint8_t c, const uint8_t d, const uint8_t e, const uint8_t f) noexcept + : m_mac( + (((uint64_t)a) << 40U) | (((uint64_t)b) << 32U) | (((uint64_t)c) << 24U) | (((uint64_t)d) << 16U) + | (((uint64_t)e) << 8U) | ((uint64_t)f)) { } - ZT_INLINE MAC(const uint8_t a, const uint8_t b, const uint8_t c, const uint8_t d, const uint8_t e, const uint8_t f) noexcept - : m_mac((((uint64_t)a) << 40U) | (((uint64_t)b) << 32U) | (((uint64_t)c) << 24U) | (((uint64_t)d) << 16U) | (((uint64_t)e) << 8U) | ((uint64_t)f)) - { - } + explicit ZT_INLINE MAC(const uint64_t m) noexcept : m_mac(m) {} - explicit ZT_INLINE MAC(const uint64_t m) noexcept : m_mac(m) - { - } + explicit ZT_INLINE MAC(const uint8_t b[6]) noexcept { setTo(b); } - explicit ZT_INLINE MAC(const uint8_t b[6]) noexcept - { - setTo(b); - } - - ZT_INLINE MAC(const Address& ztaddr, const uint64_t nwid) noexcept - { - fromAddress(ztaddr, nwid); - } + ZT_INLINE MAC(const Address &ztaddr, const uint64_t nwid) noexcept { fromAddress(ztaddr, nwid); } /** * @return MAC in 64-bit integer */ - ZT_INLINE uint64_t toInt() const noexcept - { - return m_mac; - } + ZT_INLINE uint64_t toInt() const noexcept { return m_mac; } /** * Set MAC to zero */ - ZT_INLINE void zero() noexcept - { - m_mac = 0ULL; - } + ZT_INLINE void zero() noexcept { m_mac = 0ULL; } /** * @param bits Raw MAC in big-endian byte order @@ -72,7 +59,8 @@ class MAC : public TriviallyCopyable { */ ZT_INLINE void setTo(const uint8_t b[6]) noexcept { - m_mac = ((uint64_t)b[0] << 40U) | ((uint64_t)b[1] << 32U) | ((uint64_t)b[2] << 24U) | ((uint64_t)b[3] << 16U) | ((uint64_t)b[4] << 8U) | (uint64_t)b[5]; + m_mac = ((uint64_t)b[0] << 40U) | ((uint64_t)b[1] << 32U) | ((uint64_t)b[2] << 24U) | ((uint64_t)b[3] << 16U) + | ((uint64_t)b[4] << 8U) | (uint64_t)b[5]; } /** @@ -92,18 +80,12 @@ class MAC : public TriviallyCopyable { /** * @return True if this is broadcast (all 0xff) */ - ZT_INLINE bool isBroadcast() const noexcept - { - return m_mac; - } + ZT_INLINE bool isBroadcast() const noexcept { return m_mac; } /** * @return True if this is a multicast MAC */ - ZT_INLINE bool isMulticast() const noexcept - { - return ((m_mac & 0x010000000000ULL) != 0ULL); - } + ZT_INLINE bool isMulticast() const noexcept { return ((m_mac & 0x010000000000ULL) != 0ULL); } /** * Set this MAC to a MAC derived from an address and a network ID @@ -111,7 +93,7 @@ class MAC : public TriviallyCopyable { * @param ztaddr ZeroTier address * @param nwid 64-bit network ID */ - ZT_INLINE void fromAddress(const Address& ztaddr, uint64_t nwid) noexcept + ZT_INLINE void fromAddress(const Address &ztaddr, uint64_t nwid) noexcept { uint64_t m = ((uint64_t)firstOctetForNetwork(nwid)) << 40U; m |= ztaddr.toInt(); // a is 40 bits @@ -133,7 +115,8 @@ class MAC : public TriviallyCopyable { ZT_INLINE Address toAddress(uint64_t nwid) const noexcept { uint64_t a = m_mac & 0xffffffffffULL; // least significant 40 bits of MAC are formed from address - a ^= ((nwid >> 8U) & 0xffU) << 32U; // ... XORed with bits 8-48 of the nwid in little-endian byte order, so unmask it + a ^= ((nwid >> 8U) & 0xffU) + << 32U; // ... XORed with bits 8-48 of the nwid in little-endian byte order, so unmask it a ^= ((nwid >> 16U) & 0xffU) << 24U; a ^= ((nwid >> 24U) & 0xffU) << 16U; a ^= ((nwid >> 32U) & 0xffU) << 8U; @@ -147,9 +130,10 @@ class MAC : public TriviallyCopyable { */ static ZT_INLINE unsigned char firstOctetForNetwork(uint64_t nwid) noexcept { - const uint8_t a = ((uint8_t)(nwid & 0xfeU) | 0x02U); // locally administered, not multicast, from LSB of network ID - return ((a == 0x52) ? 0x32 : a); // blacklist 0x52 since it's used by KVM, libvirt, and other popular - // virtualization engines... seems de-facto standard on Linux + const uint8_t a = + ((uint8_t)(nwid & 0xfeU) | 0x02U); // locally administered, not multicast, from LSB of network ID + return ((a == 0x52) ? 0x32 : a); // blacklist 0x52 since it's used by KVM, libvirt, and other popular + // virtualization engines... seems de-facto standard on Linux } /** @@ -164,25 +148,13 @@ class MAC : public TriviallyCopyable { /** * @return 6, which is the number of bytes in a MAC, for container compliance */ - ZT_INLINE unsigned int size() const noexcept - { - return 6; - } + ZT_INLINE unsigned int size() const noexcept { return 6; } - ZT_INLINE unsigned long hashCode() const noexcept - { - return (unsigned long)Utils::hash64(m_mac); - } + ZT_INLINE unsigned long hashCode() const noexcept { return (unsigned long)Utils::hash64(m_mac); } - ZT_INLINE operator bool() const noexcept - { - return (m_mac != 0ULL); - } + ZT_INLINE operator bool() const noexcept { return (m_mac != 0ULL); } - ZT_INLINE operator uint64_t() const noexcept - { - return m_mac; - } + ZT_INLINE operator uint64_t() const noexcept { return m_mac; } /** * Convert this MAC to a standard format colon-separated hex string @@ -190,18 +162,18 @@ class MAC : public TriviallyCopyable { * @param buf Buffer to store string * @return Pointer to buf */ - ZT_INLINE char* toString(char buf[18]) const noexcept + ZT_INLINE char *toString(char buf[18]) const noexcept { - buf[0] = Utils::HEXCHARS[(m_mac >> 44U) & 0xfU]; - buf[1] = Utils::HEXCHARS[(m_mac >> 40U) & 0xfU]; - buf[2] = ':'; - buf[3] = Utils::HEXCHARS[(m_mac >> 36U) & 0xfU]; - buf[4] = Utils::HEXCHARS[(m_mac >> 32U) & 0xfU]; - buf[5] = ':'; - buf[6] = Utils::HEXCHARS[(m_mac >> 28U) & 0xfU]; - buf[7] = Utils::HEXCHARS[(m_mac >> 24U) & 0xfU]; - buf[8] = ':'; - buf[9] = Utils::HEXCHARS[(m_mac >> 20U) & 0xfU]; + buf[0] = Utils::HEXCHARS[(m_mac >> 44U) & 0xfU]; + buf[1] = Utils::HEXCHARS[(m_mac >> 40U) & 0xfU]; + buf[2] = ':'; + buf[3] = Utils::HEXCHARS[(m_mac >> 36U) & 0xfU]; + buf[4] = Utils::HEXCHARS[(m_mac >> 32U) & 0xfU]; + buf[5] = ':'; + buf[6] = Utils::HEXCHARS[(m_mac >> 28U) & 0xfU]; + buf[7] = Utils::HEXCHARS[(m_mac >> 24U) & 0xfU]; + buf[8] = ':'; + buf[9] = Utils::HEXCHARS[(m_mac >> 20U) & 0xfU]; buf[10] = Utils::HEXCHARS[(m_mac >> 16U) & 0xfU]; buf[11] = ':'; buf[12] = Utils::HEXCHARS[(m_mac >> 12U) & 0xfU]; @@ -224,7 +196,7 @@ class MAC : public TriviallyCopyable { * * @param s String to parse */ - ZT_INLINE void fromString(const char* s) noexcept + ZT_INLINE void fromString(const char *s) noexcept { m_mac = 0; if (s) { @@ -245,71 +217,35 @@ class MAC : public TriviallyCopyable { } } - ZT_INLINE MAC& operator=(const uint64_t m) noexcept + ZT_INLINE MAC &operator=(const uint64_t m) noexcept { m_mac = m; return *this; } - ZT_INLINE bool operator==(const MAC& m) const noexcept - { - return (m_mac == m.m_mac); - } + ZT_INLINE bool operator==(const MAC &m) const noexcept { return (m_mac == m.m_mac); } - ZT_INLINE bool operator!=(const MAC& m) const noexcept - { - return (m_mac != m.m_mac); - } + ZT_INLINE bool operator!=(const MAC &m) const noexcept { return (m_mac != m.m_mac); } - ZT_INLINE bool operator<(const MAC& m) const noexcept - { - return (m_mac < m.m_mac); - } + ZT_INLINE bool operator<(const MAC &m) const noexcept { return (m_mac < m.m_mac); } - ZT_INLINE bool operator<=(const MAC& m) const noexcept - { - return (m_mac <= m.m_mac); - } + ZT_INLINE bool operator<=(const MAC &m) const noexcept { return (m_mac <= m.m_mac); } - ZT_INLINE bool operator>(const MAC& m) const noexcept - { - return (m_mac > m.m_mac); - } + ZT_INLINE bool operator>(const MAC &m) const noexcept { return (m_mac > m.m_mac); } - ZT_INLINE bool operator>=(const MAC& m) const noexcept - { - return (m_mac >= m.m_mac); - } + ZT_INLINE bool operator>=(const MAC &m) const noexcept { return (m_mac >= m.m_mac); } - ZT_INLINE bool operator==(const uint64_t m) const noexcept - { - return (m_mac == m); - } + ZT_INLINE bool operator==(const uint64_t m) const noexcept { return (m_mac == m); } - ZT_INLINE bool operator!=(const uint64_t m) const noexcept - { - return (m_mac != m); - } + ZT_INLINE bool operator!=(const uint64_t m) const noexcept { return (m_mac != m); } - ZT_INLINE bool operator<(const uint64_t m) const noexcept - { - return (m_mac < m); - } + ZT_INLINE bool operator<(const uint64_t m) const noexcept { return (m_mac < m); } - ZT_INLINE bool operator<=(const uint64_t m) const noexcept - { - return (m_mac <= m); - } + ZT_INLINE bool operator<=(const uint64_t m) const noexcept { return (m_mac <= m); } - ZT_INLINE bool operator>(const uint64_t m) const noexcept - { - return (m_mac > m); - } + ZT_INLINE bool operator>(const uint64_t m) const noexcept { return (m_mac > m); } - ZT_INLINE bool operator>=(const uint64_t m) const noexcept - { - return (m_mac >= m); - } + ZT_INLINE bool operator>=(const uint64_t m) const noexcept { return (m_mac >= m); } private: uint64_t m_mac; diff --git a/core/MIMC52.cpp b/core/MIMC52.cpp index d86d38e3a..16269b2af 100644 --- a/core/MIMC52.cpp +++ b/core/MIMC52.cpp @@ -21,60 +21,120 @@ namespace { // Largest 1024 primes of form 6k + 5 and less than 2^52. Only the least significant 32 // bits need to be here, as the most significant bits are all 1. const uint32_t ZT_MIMC52_PRIMES[1024] = { - 4294895267, 4294895477, 4294895513, 4294895519, 4294895543, 4294895567, 4294895657, 4294895711, 4294895777, 4294895861, 4294895909, 4294895921, 4294895969, 4294896011, 4294896149, 4294896227, 4294896401, 4294896473, 4294896527, - 4294896563, 4294896653, 4294896731, 4294896863, 4294896899, 4294896983, 4294897037, 4294897103, 4294897331, 4294897349, 4294897451, 4294897571, 4294897661, 4294897703, 4294897757, 4294897793, 4294897811, 4294897817, 4294897829, - 4294897877, 4294897919, 4294897991, 4294898027, 4294898129, 4294898153, 4294898231, 4294898273, 4294898279, 4294898291, 4294898363, 4294898369, 4294898417, 4294898423, 4294898453, 4294898489, 4294898573, 4294898579, 4294898639, - 4294898693, 4294898747, 4294898759, 4294898867, 4294898879, 4294898909, 4294898921, 4294898933, 4294899011, 4294899041, 4294899047, 4294899203, 4294899221, 4294899227, 4294899287, 4294899341, 4294899431, 4294899509, 4294899533, - 4294899539, 4294899551, 4294899629, 4294899791, 4294899809, 4294899971, 4294900001, 4294900007, 4294900013, 4294900307, 4294900331, 4294900427, 4294900469, 4294900481, 4294900541, 4294900583, 4294900781, 4294900853, 4294900931, - 4294900991, 4294901033, 4294901087, 4294901159, 4294901267, 4294901393, 4294901411, 4294901489, 4294901657, 4294902011, 4294902071, 4294902101, 4294902107, 4294902353, 4294902377, 4294902599, 4294902647, 4294902743, 4294902869, - 4294902977, 4294903067, 4294903103, 4294903259, 4294903289, 4294903397, 4294903421, 4294903493, 4294903577, 4294903631, 4294903637, 4294903733, 4294903799, 4294903823, 4294904003, 4294904033, 4294904081, 4294904129, 4294904279, - 4294904297, 4294904303, 4294904333, 4294904351, 4294904381, 4294904453, 4294904519, 4294904561, 4294904639, 4294904657, 4294904747, 4294904807, 4294904843, 4294905089, 4294905149, 4294905293, 4294905299, 4294905311, 4294905443, - 4294905479, 4294905539, 4294905623, 4294905641, 4294905671, 4294905707, 4294905887, 4294905977, 4294906091, 4294906103, 4294906139, 4294906157, 4294906223, 4294906259, 4294906487, 4294906493, 4294906523, 4294906547, 4294906553, - 4294906571, 4294906577, 4294906589, 4294906703, 4294906733, 4294906763, 4294906841, 4294906859, 4294906937, 4294907057, 4294907063, 4294907141, 4294907231, 4294907249, 4294907261, 4294907267, 4294907387, 4294907417, 4294907567, - 4294907603, 4294907699, 4294907789, 4294907849, 4294907873, 4294907879, 4294908023, 4294908071, 4294908119, 4294908209, 4294908227, 4294908329, 4294908491, 4294908503, 4294908569, 4294908653, 4294908713, 4294908719, 4294908791, - 4294908839, 4294908869, 4294908989, 4294909031, 4294909067, 4294909109, 4294909253, 4294909529, 4294909589, 4294909643, 4294909739, 4294909799, 4294909811, 4294909853, 4294910003, 4294910039, 4294910189, 4294910201, 4294910219, - 4294910273, 4294910333, 4294910369, 4294910393, 4294910471, 4294910549, 4294910651, 4294910669, 4294910681, 4294910711, 4294910753, 4294910801, 4294910981, 4294911053, 4294911143, 4294911227, 4294911239, 4294911359, 4294911383, - 4294911407, 4294911521, 4294911551, 4294911611, 4294911641, 4294911689, 4294911719, 4294911869, 4294912109, 4294912133, 4294912151, 4294912187, 4294912223, 4294912331, 4294912439, 4294912607, 4294912703, 4294912859, 4294912871, - 4294912907, 4294912961, 4294913003, 4294913111, 4294913309, 4294913333, 4294913357, 4294913399, 4294913411, 4294913459, 4294913501, 4294913531, 4294913591, 4294913609, 4294913663, 4294913783, 4294913819, 4294913903, 4294914137, - 4294914413, 4294914473, 4294914497, 4294914527, 4294914551, 4294914593, 4294914611, 4294914659, 4294914671, 4294914743, 4294914863, 4294914917, 4294915061, 4294915103, 4294915139, 4294915217, 4294915223, 4294915253, 4294915283, - 4294915373, 4294915433, 4294915607, 4294916069, 4294916213, 4294916267, 4294916303, 4294916393, 4294916441, 4294916477, 4294916507, 4294916573, 4294916633, 4294916687, 4294916783, 4294916837, 4294916897, 4294916921, 4294917029, - 4294917047, 4294917101, 4294917203, 4294917287, 4294917299, 4294917389, 4294917437, 4294917527, 4294917557, 4294917611, 4294917617, 4294917689, 4294917821, 4294917857, 4294917917, 4294917941, 4294918169, 4294918187, 4294918307, - 4294918409, 4294918433, 4294918481, 4294918703, 4294918709, 4294918733, 4294918799, 4294918871, 4294919009, 4294919249, 4294919279, 4294919291, 4294919363, 4294919381, 4294919441, 4294919447, 4294919549, 4294919579, 4294919633, - 4294919657, 4294919669, 4294919693, 4294919711, 4294920029, 4294920059, 4294920089, 4294920197, 4294920239, 4294920257, 4294920263, 4294920269, 4294920341, 4294920353, 4294920407, 4294920503, 4294920599, 4294920647, 4294920743, - 4294920803, 4294920809, 4294920881, 4294920899, 4294920983, 4294921043, 4294921139, 4294921151, 4294921181, 4294921229, 4294921289, 4294921331, 4294921343, 4294921391, 4294921469, 4294921709, 4294921721, 4294921823, 4294921847, - 4294921889, 4294922057, 4294922171, 4294922201, 4294922237, 4294922309, 4294922399, 4294922447, 4294922507, 4294922513, 4294922549, 4294922609, 4294922663, 4294922861, 4294922933, 4294923101, 4294923191, 4294923209, 4294923221, - 4294923251, 4294923263, 4294923359, 4294923371, 4294923377, 4294923461, 4294923521, 4294923953, 4294924001, 4294924091, 4294924121, 4294924319, 4294924397, 4294924571, 4294924583, 4294924751, 4294924817, 4294924823, 4294924847, - 4294924877, 4294925003, 4294925027, 4294925117, 4294925237, 4294925243, 4294925297, 4294925369, 4294925627, 4294925639, 4294925729, 4294925747, 4294925873, 4294925891, 4294925933, 4294926047, 4294926059, 4294926209, 4294926221, - 4294926233, 4294926257, 4294926329, 4294926371, 4294926401, 4294926413, 4294926437, 4294926563, 4294926569, 4294926917, 4294926923, 4294926947, 4294926971, 4294927067, 4294927073, 4294927151, 4294927349, 4294927367, 4294927403, - 4294927481, 4294927523, 4294927553, 4294927589, 4294927649, 4294927673, 4294927727, 4294927739, 4294927763, 4294927889, 4294928183, 4294928207, 4294928249, 4294928327, 4294928351, 4294928399, 4294928483, 4294928489, 4294928543, - 4294928597, 4294928951, 4294928963, 4294928981, 4294929017, 4294929059, 4294929161, 4294929197, 4294929233, 4294929269, 4294929311, 4294929323, 4294929341, 4294929383, 4294929401, 4294929497, 4294929509, 4294929581, 4294929707, - 4294929743, 4294930043, 4294930121, 4294930193, 4294930223, 4294930349, 4294930403, 4294930571, 4294930613, 4294930721, 4294930751, 4294930877, 4294930931, 4294930961, 4294930967, 4294930973, 4294931021, 4294931051, 4294931057, - 4294931063, 4294931219, 4294931273, 4294931339, 4294931423, 4294931441, 4294931453, 4294931567, 4294931639, 4294931717, 4294931897, 4294931969, 4294932023, 4294932053, 4294932239, 4294932299, 4294932443, 4294932671, 4294932677, - 4294932731, 4294932743, 4294932767, 4294932773, 4294932779, 4294932881, 4294932899, 4294932929, 4294933067, 4294933277, 4294933307, 4294933343, 4294933451, 4294933523, 4294933763, 4294933793, 4294933829, 4294933847, 4294933871, - 4294933997, 4294934033, 4294934111, 4294934207, 4294934243, 4294934267, 4294934279, 4294934291, 4294934327, 4294934363, 4294934423, 4294934489, 4294934561, 4294934867, 4294934921, 4294934969, 4294935137, 4294935239, 4294935299, - 4294935431, 4294935539, 4294935629, 4294935701, 4294935791, 4294935797, 4294935803, 4294935959, 4294936001, 4294936007, 4294936037, 4294936079, 4294936127, 4294936163, 4294936247, 4294936307, 4294936331, 4294936409, 4294936451, - 4294936601, 4294936607, 4294936619, 4294936667, 4294936709, 4294936733, 4294936751, 4294936763, 4294936829, 4294936937, 4294936997, 4294937027, 4294937051, 4294937093, 4294937177, 4294937213, 4294937291, 4294937381, 4294937417, - 4294937429, 4294937681, 4294937693, 4294937753, 4294937771, 4294937813, 4294937837, 4294937891, 4294937969, 4294938071, 4294938101, 4294938323, 4294938371, 4294938401, 4294938467, 4294938473, 4294938521, 4294938599, 4294938731, - 4294938779, 4294938833, 4294938899, 4294938977, 4294938983, 4294939067, 4294939127, 4294939223, 4294939277, 4294939331, 4294939337, 4294939391, 4294939457, 4294939559, 4294939673, 4294939691, 4294939901, 4294939991, 4294940087, - 4294940093, 4294940189, 4294940213, 4294940417, 4294940657, 4294940699, 4294940753, 4294940801, 4294940873, 4294940951, 4294941047, 4294941143, 4294941161, 4294941227, 4294941281, 4294941377, 4294941509, 4294941551, 4294941701, - 4294941731, 4294941767, 4294941911, 4294941923, 4294942043, 4294942139, 4294942313, 4294942343, 4294942373, 4294942427, 4294942529, 4294942601, 4294942649, 4294942673, 4294942679, 4294942733, 4294942769, 4294942811, 4294942961, - 4294943129, 4294943141, 4294943219, 4294943369, 4294943423, 4294943471, 4294943651, 4294943687, 4294943717, 4294943729, 4294943747, 4294943759, 4294943813, 4294943819, 4294943891, 4294944077, 4294944191, 4294944233, 4294944239, - 4294944353, 4294944389, 4294944581, 4294944623, 4294944629, 4294944659, 4294944821, 4294945031, 4294945157, 4294945211, 4294945229, 4294945301, 4294945337, 4294945343, 4294945511, 4294945547, 4294945667, 4294945709, 4294945757, - 4294945841, 4294945991, 4294946033, 4294946099, 4294946153, 4294946477, 4294946687, 4294946747, 4294946957, 4294946993, 4294947023, 4294947131, 4294947167, 4294947287, 4294947311, 4294947413, 4294947581, 4294947599, 4294947671, - 4294947851, 4294947959, 4294948067, 4294948073, 4294948193, 4294948259, 4294948421, 4294948451, 4294948613, 4294948673, 4294948883, 4294949027, 4294949057, 4294949069, 4294949519, 4294949531, 4294949603, 4294949609, 4294949627, - 4294949693, 4294949729, 4294949741, 4294949807, 4294949921, 4294949939, 4294949981, 4294949993, 4294950083, 4294950173, 4294950197, 4294950251, 4294950287, 4294950317, 4294950323, 4294950329, 4294950581, 4294950593, 4294950617, - 4294950629, 4294950713, 4294950929, 4294951151, 4294951163, 4294951169, 4294951379, 4294951583, 4294951613, 4294951853, 4294951907, 4294951913, 4294951937, 4294951961, 4294952063, 4294952183, 4294952393, 4294952543, 4294952549, - 4294952597, 4294952627, 4294952687, 4294952723, 4294952729, 4294952789, 4294952819, 4294952873, 4294952891, 4294952903, 4294952969, 4294952999, 4294953023, 4294953107, 4294953173, 4294953281, 4294953341, 4294953431, 4294953599, - 4294953689, 4294953719, 4294953827, 4294953887, 4294953977, 4294954073, 4294954079, 4294954157, 4294954217, 4294954283, 4294954607, 4294954667, 4294954859, 4294954901, 4294954973, 4294955081, 4294955237, 4294955273, 4294955327, - 4294955441, 4294955507, 4294955591, 4294955789, 4294955831, 4294955837, 4294955927, 4294955963, 4294955969, 4294955987, 4294956041, 4294956047, 4294956197, 4294956323, 4294956359, 4294956551, 4294956593, 4294956623, 4294956629, - 4294956641, 4294956719, 4294956761, 4294956767, 4294956797, 4294956821, 4294956833, 4294957037, 4294957079, 4294957103, 4294957181, 4294957349, 4294957379, 4294957433, 4294957463, 4294957511, 4294957577, 4294957727, 4294957859, - 4294957877, 4294958039, 4294958153, 4294958309, 4294958417, 4294958441, 4294958693, 4294958717, 4294958753, 4294958903, 4294958909, 4294959017, 4294959071, 4294959107, 4294959161, 4294959257, 4294959299, 4294959329, 4294959431, - 4294959593, 4294959599, 4294959659, 4294959893, 4294959917, 4294959983, 4294960001, 4294960031, 4294960061, 4294960079, 4294960097, 4294960271, 4294960283, 4294960349, 4294960367, 4294960421, 4294960529, 4294960541, 4294960583, - 4294960613, 4294960673, 4294960691, 4294960697, 4294960787, 4294960919, 4294961003, 4294961039, 4294961153, 4294961159, 4294961171, 4294961321, 4294961411, 4294961471, 4294961507, 4294961537, 4294961669, 4294961717, 4294961741, - 4294961873, 4294962059, 4294962137, 4294962167, 4294962263, 4294962281, 4294962311, 4294962341, 4294962413, 4294962521, 4294962563, 4294962761, 4294962893, 4294963103, 4294963163, 4294963223, 4294963313, 4294963349, 4294963427, - 4294963547, 4294963559, 4294963721, 4294963799, 4294963817, 4294963901, 4294963919, 4294964021, 4294964279, 4294964297, 4294964363, 4294964387, 4294964411, 4294964567, 4294964603, 4294964687, 4294964777, 4294965041, 4294965071, - 4294965119, 4294965221, 4294965251, 4294965287, 4294965413, 4294965569, 4294965647, 4294965671, 4294965689, 4294965779, 4294965839, 4294965893, 4294966091, 4294966109, 4294966127, 4294966157, 4294966187, 4294966199, 4294966211, - 4294966403, 4294966457, 4294966499, 4294966541, 4294966637, 4294966661, 4294966739, 4294966823, 4294966883, 4294966901, 4294966961, 4294967027, 4294967087, 4294967099, 4294967123, 4294967153, 4294967249 + 4294895267, 4294895477, 4294895513, 4294895519, 4294895543, 4294895567, 4294895657, 4294895711, 4294895777, + 4294895861, 4294895909, 4294895921, 4294895969, 4294896011, 4294896149, 4294896227, 4294896401, 4294896473, + 4294896527, 4294896563, 4294896653, 4294896731, 4294896863, 4294896899, 4294896983, 4294897037, 4294897103, + 4294897331, 4294897349, 4294897451, 4294897571, 4294897661, 4294897703, 4294897757, 4294897793, 4294897811, + 4294897817, 4294897829, 4294897877, 4294897919, 4294897991, 4294898027, 4294898129, 4294898153, 4294898231, + 4294898273, 4294898279, 4294898291, 4294898363, 4294898369, 4294898417, 4294898423, 4294898453, 4294898489, + 4294898573, 4294898579, 4294898639, 4294898693, 4294898747, 4294898759, 4294898867, 4294898879, 4294898909, + 4294898921, 4294898933, 4294899011, 4294899041, 4294899047, 4294899203, 4294899221, 4294899227, 4294899287, + 4294899341, 4294899431, 4294899509, 4294899533, 4294899539, 4294899551, 4294899629, 4294899791, 4294899809, + 4294899971, 4294900001, 4294900007, 4294900013, 4294900307, 4294900331, 4294900427, 4294900469, 4294900481, + 4294900541, 4294900583, 4294900781, 4294900853, 4294900931, 4294900991, 4294901033, 4294901087, 4294901159, + 4294901267, 4294901393, 4294901411, 4294901489, 4294901657, 4294902011, 4294902071, 4294902101, 4294902107, + 4294902353, 4294902377, 4294902599, 4294902647, 4294902743, 4294902869, 4294902977, 4294903067, 4294903103, + 4294903259, 4294903289, 4294903397, 4294903421, 4294903493, 4294903577, 4294903631, 4294903637, 4294903733, + 4294903799, 4294903823, 4294904003, 4294904033, 4294904081, 4294904129, 4294904279, 4294904297, 4294904303, + 4294904333, 4294904351, 4294904381, 4294904453, 4294904519, 4294904561, 4294904639, 4294904657, 4294904747, + 4294904807, 4294904843, 4294905089, 4294905149, 4294905293, 4294905299, 4294905311, 4294905443, 4294905479, + 4294905539, 4294905623, 4294905641, 4294905671, 4294905707, 4294905887, 4294905977, 4294906091, 4294906103, + 4294906139, 4294906157, 4294906223, 4294906259, 4294906487, 4294906493, 4294906523, 4294906547, 4294906553, + 4294906571, 4294906577, 4294906589, 4294906703, 4294906733, 4294906763, 4294906841, 4294906859, 4294906937, + 4294907057, 4294907063, 4294907141, 4294907231, 4294907249, 4294907261, 4294907267, 4294907387, 4294907417, + 4294907567, 4294907603, 4294907699, 4294907789, 4294907849, 4294907873, 4294907879, 4294908023, 4294908071, + 4294908119, 4294908209, 4294908227, 4294908329, 4294908491, 4294908503, 4294908569, 4294908653, 4294908713, + 4294908719, 4294908791, 4294908839, 4294908869, 4294908989, 4294909031, 4294909067, 4294909109, 4294909253, + 4294909529, 4294909589, 4294909643, 4294909739, 4294909799, 4294909811, 4294909853, 4294910003, 4294910039, + 4294910189, 4294910201, 4294910219, 4294910273, 4294910333, 4294910369, 4294910393, 4294910471, 4294910549, + 4294910651, 4294910669, 4294910681, 4294910711, 4294910753, 4294910801, 4294910981, 4294911053, 4294911143, + 4294911227, 4294911239, 4294911359, 4294911383, 4294911407, 4294911521, 4294911551, 4294911611, 4294911641, + 4294911689, 4294911719, 4294911869, 4294912109, 4294912133, 4294912151, 4294912187, 4294912223, 4294912331, + 4294912439, 4294912607, 4294912703, 4294912859, 4294912871, 4294912907, 4294912961, 4294913003, 4294913111, + 4294913309, 4294913333, 4294913357, 4294913399, 4294913411, 4294913459, 4294913501, 4294913531, 4294913591, + 4294913609, 4294913663, 4294913783, 4294913819, 4294913903, 4294914137, 4294914413, 4294914473, 4294914497, + 4294914527, 4294914551, 4294914593, 4294914611, 4294914659, 4294914671, 4294914743, 4294914863, 4294914917, + 4294915061, 4294915103, 4294915139, 4294915217, 4294915223, 4294915253, 4294915283, 4294915373, 4294915433, + 4294915607, 4294916069, 4294916213, 4294916267, 4294916303, 4294916393, 4294916441, 4294916477, 4294916507, + 4294916573, 4294916633, 4294916687, 4294916783, 4294916837, 4294916897, 4294916921, 4294917029, 4294917047, + 4294917101, 4294917203, 4294917287, 4294917299, 4294917389, 4294917437, 4294917527, 4294917557, 4294917611, + 4294917617, 4294917689, 4294917821, 4294917857, 4294917917, 4294917941, 4294918169, 4294918187, 4294918307, + 4294918409, 4294918433, 4294918481, 4294918703, 4294918709, 4294918733, 4294918799, 4294918871, 4294919009, + 4294919249, 4294919279, 4294919291, 4294919363, 4294919381, 4294919441, 4294919447, 4294919549, 4294919579, + 4294919633, 4294919657, 4294919669, 4294919693, 4294919711, 4294920029, 4294920059, 4294920089, 4294920197, + 4294920239, 4294920257, 4294920263, 4294920269, 4294920341, 4294920353, 4294920407, 4294920503, 4294920599, + 4294920647, 4294920743, 4294920803, 4294920809, 4294920881, 4294920899, 4294920983, 4294921043, 4294921139, + 4294921151, 4294921181, 4294921229, 4294921289, 4294921331, 4294921343, 4294921391, 4294921469, 4294921709, + 4294921721, 4294921823, 4294921847, 4294921889, 4294922057, 4294922171, 4294922201, 4294922237, 4294922309, + 4294922399, 4294922447, 4294922507, 4294922513, 4294922549, 4294922609, 4294922663, 4294922861, 4294922933, + 4294923101, 4294923191, 4294923209, 4294923221, 4294923251, 4294923263, 4294923359, 4294923371, 4294923377, + 4294923461, 4294923521, 4294923953, 4294924001, 4294924091, 4294924121, 4294924319, 4294924397, 4294924571, + 4294924583, 4294924751, 4294924817, 4294924823, 4294924847, 4294924877, 4294925003, 4294925027, 4294925117, + 4294925237, 4294925243, 4294925297, 4294925369, 4294925627, 4294925639, 4294925729, 4294925747, 4294925873, + 4294925891, 4294925933, 4294926047, 4294926059, 4294926209, 4294926221, 4294926233, 4294926257, 4294926329, + 4294926371, 4294926401, 4294926413, 4294926437, 4294926563, 4294926569, 4294926917, 4294926923, 4294926947, + 4294926971, 4294927067, 4294927073, 4294927151, 4294927349, 4294927367, 4294927403, 4294927481, 4294927523, + 4294927553, 4294927589, 4294927649, 4294927673, 4294927727, 4294927739, 4294927763, 4294927889, 4294928183, + 4294928207, 4294928249, 4294928327, 4294928351, 4294928399, 4294928483, 4294928489, 4294928543, 4294928597, + 4294928951, 4294928963, 4294928981, 4294929017, 4294929059, 4294929161, 4294929197, 4294929233, 4294929269, + 4294929311, 4294929323, 4294929341, 4294929383, 4294929401, 4294929497, 4294929509, 4294929581, 4294929707, + 4294929743, 4294930043, 4294930121, 4294930193, 4294930223, 4294930349, 4294930403, 4294930571, 4294930613, + 4294930721, 4294930751, 4294930877, 4294930931, 4294930961, 4294930967, 4294930973, 4294931021, 4294931051, + 4294931057, 4294931063, 4294931219, 4294931273, 4294931339, 4294931423, 4294931441, 4294931453, 4294931567, + 4294931639, 4294931717, 4294931897, 4294931969, 4294932023, 4294932053, 4294932239, 4294932299, 4294932443, + 4294932671, 4294932677, 4294932731, 4294932743, 4294932767, 4294932773, 4294932779, 4294932881, 4294932899, + 4294932929, 4294933067, 4294933277, 4294933307, 4294933343, 4294933451, 4294933523, 4294933763, 4294933793, + 4294933829, 4294933847, 4294933871, 4294933997, 4294934033, 4294934111, 4294934207, 4294934243, 4294934267, + 4294934279, 4294934291, 4294934327, 4294934363, 4294934423, 4294934489, 4294934561, 4294934867, 4294934921, + 4294934969, 4294935137, 4294935239, 4294935299, 4294935431, 4294935539, 4294935629, 4294935701, 4294935791, + 4294935797, 4294935803, 4294935959, 4294936001, 4294936007, 4294936037, 4294936079, 4294936127, 4294936163, + 4294936247, 4294936307, 4294936331, 4294936409, 4294936451, 4294936601, 4294936607, 4294936619, 4294936667, + 4294936709, 4294936733, 4294936751, 4294936763, 4294936829, 4294936937, 4294936997, 4294937027, 4294937051, + 4294937093, 4294937177, 4294937213, 4294937291, 4294937381, 4294937417, 4294937429, 4294937681, 4294937693, + 4294937753, 4294937771, 4294937813, 4294937837, 4294937891, 4294937969, 4294938071, 4294938101, 4294938323, + 4294938371, 4294938401, 4294938467, 4294938473, 4294938521, 4294938599, 4294938731, 4294938779, 4294938833, + 4294938899, 4294938977, 4294938983, 4294939067, 4294939127, 4294939223, 4294939277, 4294939331, 4294939337, + 4294939391, 4294939457, 4294939559, 4294939673, 4294939691, 4294939901, 4294939991, 4294940087, 4294940093, + 4294940189, 4294940213, 4294940417, 4294940657, 4294940699, 4294940753, 4294940801, 4294940873, 4294940951, + 4294941047, 4294941143, 4294941161, 4294941227, 4294941281, 4294941377, 4294941509, 4294941551, 4294941701, + 4294941731, 4294941767, 4294941911, 4294941923, 4294942043, 4294942139, 4294942313, 4294942343, 4294942373, + 4294942427, 4294942529, 4294942601, 4294942649, 4294942673, 4294942679, 4294942733, 4294942769, 4294942811, + 4294942961, 4294943129, 4294943141, 4294943219, 4294943369, 4294943423, 4294943471, 4294943651, 4294943687, + 4294943717, 4294943729, 4294943747, 4294943759, 4294943813, 4294943819, 4294943891, 4294944077, 4294944191, + 4294944233, 4294944239, 4294944353, 4294944389, 4294944581, 4294944623, 4294944629, 4294944659, 4294944821, + 4294945031, 4294945157, 4294945211, 4294945229, 4294945301, 4294945337, 4294945343, 4294945511, 4294945547, + 4294945667, 4294945709, 4294945757, 4294945841, 4294945991, 4294946033, 4294946099, 4294946153, 4294946477, + 4294946687, 4294946747, 4294946957, 4294946993, 4294947023, 4294947131, 4294947167, 4294947287, 4294947311, + 4294947413, 4294947581, 4294947599, 4294947671, 4294947851, 4294947959, 4294948067, 4294948073, 4294948193, + 4294948259, 4294948421, 4294948451, 4294948613, 4294948673, 4294948883, 4294949027, 4294949057, 4294949069, + 4294949519, 4294949531, 4294949603, 4294949609, 4294949627, 4294949693, 4294949729, 4294949741, 4294949807, + 4294949921, 4294949939, 4294949981, 4294949993, 4294950083, 4294950173, 4294950197, 4294950251, 4294950287, + 4294950317, 4294950323, 4294950329, 4294950581, 4294950593, 4294950617, 4294950629, 4294950713, 4294950929, + 4294951151, 4294951163, 4294951169, 4294951379, 4294951583, 4294951613, 4294951853, 4294951907, 4294951913, + 4294951937, 4294951961, 4294952063, 4294952183, 4294952393, 4294952543, 4294952549, 4294952597, 4294952627, + 4294952687, 4294952723, 4294952729, 4294952789, 4294952819, 4294952873, 4294952891, 4294952903, 4294952969, + 4294952999, 4294953023, 4294953107, 4294953173, 4294953281, 4294953341, 4294953431, 4294953599, 4294953689, + 4294953719, 4294953827, 4294953887, 4294953977, 4294954073, 4294954079, 4294954157, 4294954217, 4294954283, + 4294954607, 4294954667, 4294954859, 4294954901, 4294954973, 4294955081, 4294955237, 4294955273, 4294955327, + 4294955441, 4294955507, 4294955591, 4294955789, 4294955831, 4294955837, 4294955927, 4294955963, 4294955969, + 4294955987, 4294956041, 4294956047, 4294956197, 4294956323, 4294956359, 4294956551, 4294956593, 4294956623, + 4294956629, 4294956641, 4294956719, 4294956761, 4294956767, 4294956797, 4294956821, 4294956833, 4294957037, + 4294957079, 4294957103, 4294957181, 4294957349, 4294957379, 4294957433, 4294957463, 4294957511, 4294957577, + 4294957727, 4294957859, 4294957877, 4294958039, 4294958153, 4294958309, 4294958417, 4294958441, 4294958693, + 4294958717, 4294958753, 4294958903, 4294958909, 4294959017, 4294959071, 4294959107, 4294959161, 4294959257, + 4294959299, 4294959329, 4294959431, 4294959593, 4294959599, 4294959659, 4294959893, 4294959917, 4294959983, + 4294960001, 4294960031, 4294960061, 4294960079, 4294960097, 4294960271, 4294960283, 4294960349, 4294960367, + 4294960421, 4294960529, 4294960541, 4294960583, 4294960613, 4294960673, 4294960691, 4294960697, 4294960787, + 4294960919, 4294961003, 4294961039, 4294961153, 4294961159, 4294961171, 4294961321, 4294961411, 4294961471, + 4294961507, 4294961537, 4294961669, 4294961717, 4294961741, 4294961873, 4294962059, 4294962137, 4294962167, + 4294962263, 4294962281, 4294962311, 4294962341, 4294962413, 4294962521, 4294962563, 4294962761, 4294962893, + 4294963103, 4294963163, 4294963223, 4294963313, 4294963349, 4294963427, 4294963547, 4294963559, 4294963721, + 4294963799, 4294963817, 4294963901, 4294963919, 4294964021, 4294964279, 4294964297, 4294964363, 4294964387, + 4294964411, 4294964567, 4294964603, 4294964687, 4294964777, 4294965041, 4294965071, 4294965119, 4294965221, + 4294965251, 4294965287, 4294965413, 4294965569, 4294965647, 4294965671, 4294965689, 4294965779, 4294965839, + 4294965893, 4294966091, 4294966109, 4294966127, 4294966157, 4294966187, 4294966199, 4294966211, 4294966403, + 4294966457, 4294966499, 4294966541, 4294966637, 4294966661, 4294966739, 4294966823, 4294966883, 4294966901, + 4294966961, 4294967027, 4294967087, 4294967099, 4294967123, 4294967153, 4294967249 }; #ifdef ZT_NO_IEEE_DOUBLE @@ -158,10 +218,10 @@ uint64_t delay(const uint8_t challenge[32], const unsigned long rounds) uint64_t k[34]; fillK(k, challenge); - const uint64_t p = 0x000fffff00000000ULL | (uint64_t)ZT_MIMC52_PRIMES[((unsigned long)k[32]) & 1023]; - const uint64_t e = ((p * 2ULL) - 1ULL) / 3ULL; + const uint64_t p = 0x000fffff00000000ULL | (uint64_t)ZT_MIMC52_PRIMES[((unsigned long)k[32]) & 1023]; + const uint64_t e = ((p * 2ULL) - 1ULL) / 3ULL; const uint64_t m52 = 0xfffffffffffffULL; - const double pf = (double)p; + const double pf = (double)p; uint64_t x = k[33] % p; for (unsigned long r = 0, kn = rounds; r < rounds; ++r) { @@ -177,14 +237,14 @@ bool verify(const uint8_t challenge[32], const unsigned long rounds, uint64_t pr uint64_t k[34]; fillK(k, challenge); - const uint64_t p = 0x000fffff00000000ULL | (uint64_t)ZT_MIMC52_PRIMES[((unsigned long)k[32]) & 1023]; + const uint64_t p = 0x000fffff00000000ULL | (uint64_t)ZT_MIMC52_PRIMES[((unsigned long)k[32]) & 1023]; const uint64_t m52 = 0xfffffffffffffULL; - const double pf = (double)p; + const double pf = (double)p; for (unsigned long r = 0; r < rounds; ++r) { const uint64_t kk = k[r & 31]; - proof = mulmod52(mulmod52(proof, proof, p, pf), proof, p, pf); // y = y ^ 3 - proof = (proof + kk) & m52; + proof = mulmod52(mulmod52(proof, proof, p, pf), proof, p, pf); // y = y ^ 3 + proof = (proof + kk) & m52; } return ((proof % p) == (k[33] % p)); diff --git a/core/Member.cpp b/core/Member.cpp index 267a2c919..a56b27833 100644 --- a/core/Member.cpp +++ b/core/Member.cpp @@ -21,13 +21,18 @@ namespace ZeroTier { -Member::Member() : m_comRevocationThreshold(0), m_lastPushedCredentials(0), m_comAgreementLocalTimestamp(0), m_comAgreementRemoteTimestamp(0) +Member::Member() + : m_comRevocationThreshold(0) + , m_lastPushedCredentials(0) + , m_comAgreementLocalTimestamp(0) + , m_comAgreementRemoteTimestamp(0) { } -void Member::pushCredentials(const Context& ctx, const CallContext& cc, const SharedPtr& to, const NetworkConfig& nconf) +void Member::pushCredentials( + const Context &ctx, const CallContext &cc, const SharedPtr &to, const NetworkConfig &nconf) { - if (! nconf.com) // sanity check + if (!nconf.com) // sanity check return; #if 0 @@ -112,24 +117,30 @@ void Member::pushCredentials(const Context& ctx, const CallContext& cc, const Sh m_lastPushedCredentials = cc.ticks; } -void Member::clean(const NetworkConfig& nconf) +void Member::clean(const NetworkConfig &nconf) { m_cleanCredImpl(nconf, m_remoteTags); m_cleanCredImpl(nconf, m_remoteCaps); m_cleanCredImpl(nconf, m_remoteCoos); } -Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const MembershipCredential& com) +Member::AddCredentialResult Member::addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const MembershipCredential &com) { const int64_t newts = com.timestamp(); if (newts <= m_comRevocationThreshold) { - ctx.t->credentialRejected(cc, 0xd9992121, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED); + ctx.t->credentialRejected( + cc, 0xd9992121, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED); return ADD_REJECTED; } const int64_t oldts = m_com.timestamp(); if (newts < oldts) { - ctx.t->credentialRejected(cc, 0xd9928192, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST); + ctx.t->credentialRejected( + cc, 0xd9928192, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST); return ADD_REJECTED; } if ((newts == oldts) && (m_com == com)) @@ -137,74 +148,92 @@ Member::AddCredentialResult Member::addCredential(const Context& ctx, const Call switch (com.verify(ctx, cc)) { default: - ctx.t->credentialRejected(cc, 0x0f198241, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); + ctx.t->credentialRejected( + cc, 0x0f198241, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); return Member::ADD_REJECTED; - case Credential::VERIFY_OK: - m_com = com; - return ADD_ACCEPTED_NEW; + case Credential::VERIFY_OK: m_com = com; return ADD_ACCEPTED_NEW; case Credential::VERIFY_BAD_SIGNATURE: - ctx.t->credentialRejected(cc, 0xbaf0aaaa, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, ZT_TRACE_CREDENTIAL_REJECTION_REASON_SIGNATURE_VERIFICATION_FAILED); + ctx.t->credentialRejected( + cc, 0xbaf0aaaa, com.networkId(), sourcePeerIdentity, com.id(), com.timestamp(), ZT_CREDENTIAL_TYPE_COM, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_SIGNATURE_VERIFICATION_FAILED); return ADD_REJECTED; - case Credential::VERIFY_NEED_IDENTITY: - return ADD_DEFERRED_FOR_WHOIS; + case Credential::VERIFY_NEED_IDENTITY: return ADD_DEFERRED_FOR_WHOIS; } } // 3/5 of the credential types have identical addCredential() code template -static ZT_INLINE Member::AddCredentialResult -_addCredImpl(Map& remoteCreds, const Map& revocations, const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const C& cred) +static ZT_INLINE Member::AddCredentialResult _addCredImpl( + Map &remoteCreds, const Map &revocations, const Context &ctx, const CallContext &cc, + const Identity &sourcePeerIdentity, const NetworkConfig &nconf, const C &cred) { typename Map::const_iterator rc(remoteCreds.find(cred.id())); if (rc != remoteCreds.end()) { if (rc->second.revision() > cred.revision()) { - ctx.t->credentialRejected(cc, 0x40000001, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST); + ctx.t->credentialRejected( + cc, 0x40000001, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), + ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST); return Member::ADD_REJECTED; } if (rc->second == cred) return Member::ADD_ACCEPTED_REDUNDANT; } - typename Map::const_iterator rt(revocations.find(Member::credentialKey(C::credentialType(), cred.id()))); + typename Map::const_iterator rt( + revocations.find(Member::credentialKey(C::credentialType(), cred.id()))); if ((rt != revocations.end()) && (rt->second >= cred.revision())) { - ctx.t->credentialRejected(cc, 0x24248124, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED); + ctx.t->credentialRejected( + cc, 0x24248124, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), + ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED); return Member::ADD_REJECTED; } switch (cred.verify(ctx, cc)) { default: - ctx.t->credentialRejected(cc, 0x01feba012, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); + ctx.t->credentialRejected( + cc, 0x01feba012, nconf.networkId, sourcePeerIdentity, cred.id(), cred.revision(), C::credentialType(), + ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); return Member::ADD_REJECTED; case 0: if (rc == remoteCreds.end()) remoteCreds[cred.id()] = cred; return Member::ADD_ACCEPTED_NEW; - case 1: - return Member::ADD_DEFERRED_FOR_WHOIS; + case 1: return Member::ADD_DEFERRED_FOR_WHOIS; } } -Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const TagCredential& tag) +Member::AddCredentialResult Member::addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const TagCredential &tag) { return _addCredImpl(m_remoteTags, m_revocations, ctx, cc, sourcePeerIdentity, nconf, tag); } -Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const CapabilityCredential& cap) +Member::AddCredentialResult Member::addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const CapabilityCredential &cap) { return _addCredImpl(m_remoteCaps, m_revocations, ctx, cc, sourcePeerIdentity, nconf, cap); } -Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const OwnershipCredential& coo) +Member::AddCredentialResult Member::addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const OwnershipCredential &coo) { return _addCredImpl(m_remoteCoos, m_revocations, ctx, cc, sourcePeerIdentity, nconf, coo); } -Member::AddCredentialResult Member::addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const RevocationCredential& rev) +Member::AddCredentialResult Member::addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const RevocationCredential &rev) { - int64_t* rt; + int64_t *rt; switch (rev.verify(ctx, cc)) { default: - ctx.t->credentialRejected(cc, 0x938ff009, nconf.networkId, sourcePeerIdentity, rev.id(), 0, ZT_CREDENTIAL_TYPE_REVOCATION, ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); + ctx.t->credentialRejected( + cc, 0x938ff009, nconf.networkId, sourcePeerIdentity, rev.id(), 0, ZT_CREDENTIAL_TYPE_REVOCATION, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); return ADD_REJECTED; case 0: { const ZT_CredentialType ct = rev.typeBeingRevoked(); @@ -220,24 +249,28 @@ Member::AddCredentialResult Member::addCredential(const Context& ctx, const Call case ZT_CREDENTIAL_TYPE_COO: rt = &(m_revocations[credentialKey(ct, rev.credentialId())]); if (*rt < rev.threshold()) { - *rt = rev.threshold(); + *rt = rev.threshold(); m_comRevocationThreshold = rev.threshold(); return ADD_ACCEPTED_NEW; } return ADD_ACCEPTED_REDUNDANT; default: - ctx.t->credentialRejected(cc, 0x0bbbb1a4, nconf.networkId, sourcePeerIdentity, rev.id(), 0, ZT_CREDENTIAL_TYPE_REVOCATION, ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); + ctx.t->credentialRejected( + cc, 0x0bbbb1a4, nconf.networkId, sourcePeerIdentity, rev.id(), 0, ZT_CREDENTIAL_TYPE_REVOCATION, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID); return ADD_REJECTED; } } - case 1: - return ADD_DEFERRED_FOR_WHOIS; + case 1: return ADD_DEFERRED_FOR_WHOIS; } } -bool Member::m_isUnspoofableAddress(const NetworkConfig& nconf, const InetAddress& ip) const noexcept +bool Member::m_isUnspoofableAddress(const NetworkConfig &nconf, const InetAddress &ip) const noexcept { - return (ip.isV6() && nconf.ndpEmulation() && ((ip == InetAddress::makeIpv66plane(nconf.networkId, m_com.issuedTo().address)) || (ip == InetAddress::makeIpv6rfc4193(nconf.networkId, m_com.issuedTo().address)))); + return ( + ip.isV6() && nconf.ndpEmulation() + && ((ip == InetAddress::makeIpv66plane(nconf.networkId, m_com.issuedTo().address)) + || (ip == InetAddress::makeIpv6rfc4193(nconf.networkId, m_com.issuedTo().address)))); } } // namespace ZeroTier diff --git a/core/Member.hpp b/core/Member.hpp index e96c35f84..af693a8f8 100644 --- a/core/Member.hpp +++ b/core/Member.hpp @@ -48,15 +48,13 @@ class Member { * @param to Peer identity * @param nconf My network config */ - void pushCredentials(const Context& ctx, const CallContext& cc, const SharedPtr& to, const NetworkConfig& nconf); + void + pushCredentials(const Context &ctx, const CallContext &cc, const SharedPtr &to, const NetworkConfig &nconf); /** * @return Time we last pushed credentials to this member */ - ZT_INLINE int64_t lastPushedCredentials() const noexcept - { - return m_lastPushedCredentials; - } + ZT_INLINE int64_t lastPushedCredentials() const noexcept { return m_lastPushedCredentials; } /** * Get a remote member's tag (if we have it) @@ -65,10 +63,12 @@ class Member { * @param id Tag ID * @return Pointer to tag or NULL if not found */ - ZT_INLINE const TagCredential* getTag(const NetworkConfig& nconf, const uint32_t id) const noexcept + ZT_INLINE const TagCredential *getTag(const NetworkConfig &nconf, const uint32_t id) const noexcept { Map::const_iterator t(m_remoteTags.find(id)); - return (((t != m_remoteTags.end()) && (m_isCredentialTimestampValid(nconf, t->second))) ? &(t->second) : (TagCredential*)0); + return ( + ((t != m_remoteTags.end()) && (m_isCredentialTimestampValid(nconf, t->second))) ? &(t->second) + : (TagCredential *)0); } /** @@ -76,12 +76,12 @@ class Member { * * @param nconf Current network configuration */ - void clean(const NetworkConfig& nconf); + void clean(const NetworkConfig &nconf); /** * Generates a key for internal use in indexing credentials by type and credential ID */ - static ZT_INLINE uint64_t credentialKey(const ZT_CredentialType& t, const uint32_t i) noexcept + static ZT_INLINE uint64_t credentialKey(const ZT_CredentialType &t, const uint32_t i) noexcept { return (((uint64_t)t << 32U) | (uint64_t)i); } @@ -94,7 +94,7 @@ class Member { * @param r Resource to check * @return True if this peer has a certificate of ownership for the given resource */ - template ZT_INLINE bool peerOwnsAddress(const NetworkConfig& nconf, const T& r) const noexcept + template ZT_INLINE bool peerOwnsAddress(const NetworkConfig &nconf, const T &r) const noexcept { if (m_isUnspoofableAddress(nconf, r)) return true; @@ -110,9 +110,10 @@ class Member { * * @param localCom */ - ZT_INLINE bool certificateOfMembershipAgress(const MembershipCredential& localCom, const Identity& remoteIdentity) + ZT_INLINE bool certificateOfMembershipAgress(const MembershipCredential &localCom, const Identity &remoteIdentity) { - if ((m_comAgreementLocalTimestamp == localCom.timestamp()) && (m_comAgreementRemoteTimestamp == m_com.timestamp())) + if ((m_comAgreementLocalTimestamp == localCom.timestamp()) + && (m_comAgreementRemoteTimestamp == m_com.timestamp())) return true; if (m_com.agreesWith(localCom)) { // SECURITY: newer network controllers embed the full fingerprint into the COM. If we are @@ -134,7 +135,7 @@ class Member { // Remember that these two COMs agreed. If any are updated this is invalidated and a full // agreement check will be done again. - m_comAgreementLocalTimestamp = localCom.timestamp(); + m_comAgreementLocalTimestamp = localCom.timestamp(); m_comAgreementRemoteTimestamp = m_com.timestamp(); return true; @@ -142,39 +143,49 @@ class Member { return false; } - AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const MembershipCredential& com); - AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const TagCredential& tag); - AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const CapabilityCredential& cap); - AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const OwnershipCredential& coo); - AddCredentialResult addCredential(const Context& ctx, const CallContext& cc, const Identity& sourcePeerIdentity, const NetworkConfig& nconf, const RevocationCredential& rev); + AddCredentialResult addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const MembershipCredential &com); + AddCredentialResult addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const TagCredential &tag); + AddCredentialResult addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const CapabilityCredential &cap); + AddCredentialResult addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const OwnershipCredential &coo); + AddCredentialResult addCredential( + const Context &ctx, const CallContext &cc, const Identity &sourcePeerIdentity, const NetworkConfig &nconf, + const RevocationCredential &rev); private: // This returns true if a resource is an IPv6 NDP-emulated address. These embed the ZT // address of the peer and therefore cannot be spoofed, causing peerOwnsAddress() to // always return true for them. A certificate is not required for these. - ZT_INLINE bool m_isUnspoofableAddress(const NetworkConfig& nconf, const MAC& m) const noexcept - { - return false; - } + ZT_INLINE bool m_isUnspoofableAddress(const NetworkConfig &nconf, const MAC &m) const noexcept { return false; } - bool m_isUnspoofableAddress(const NetworkConfig& nconf, const InetAddress& ip) const noexcept; + bool m_isUnspoofableAddress(const NetworkConfig &nconf, const InetAddress &ip) const noexcept; // This compares the remote credential's timestamp to the timestamp in our network config // plus or minus the permitted maximum timestamp delta. - template ZT_INLINE bool m_isCredentialTimestampValid(const NetworkConfig& nconf, const C& remoteCredential) const noexcept + template + ZT_INLINE bool m_isCredentialTimestampValid(const NetworkConfig &nconf, const C &remoteCredential) const noexcept { const int64_t ts = remoteCredential.revision(); - if (((ts >= nconf.timestamp) ? (ts - nconf.timestamp) : (nconf.timestamp - ts)) <= nconf.credentialTimeMaxDelta) { - Map::const_iterator threshold(m_revocations.find(credentialKey(C::credentialType(), remoteCredential.id()))); + if (((ts >= nconf.timestamp) ? (ts - nconf.timestamp) : (nconf.timestamp - ts)) + <= nconf.credentialTimeMaxDelta) { + Map::const_iterator threshold( + m_revocations.find(credentialKey(C::credentialType(), remoteCredential.id()))); return ((threshold == m_revocations.end()) || (ts > threshold->second)); } return false; } - template ZT_INLINE void m_cleanCredImpl(const NetworkConfig& nconf, Map& remoteCreds) + template ZT_INLINE void m_cleanCredImpl(const NetworkConfig &nconf, Map &remoteCreds) { for (typename Map::iterator i(remoteCreds.begin()); i != remoteCreds.end();) { - if (! m_isCredentialTimestampValid(nconf, i->second)) + if (!m_isCredentialTimestampValid(nconf, i->second)) remoteCreds.erase(i++); else ++i; @@ -204,14 +215,14 @@ class Member { public: class CapabilityIterator { public: - ZT_INLINE CapabilityIterator(Member& m, const NetworkConfig& nconf) noexcept + ZT_INLINE CapabilityIterator(Member &m, const NetworkConfig &nconf) noexcept : m_hti(m.m_remoteCaps.begin()) , m_parent(m) , m_nconf(nconf) { } - ZT_INLINE CapabilityCredential* next() noexcept + ZT_INLINE CapabilityCredential *next() noexcept { while (m_hti != m_parent.m_remoteCaps.end()) { Map::iterator i(m_hti++); @@ -223,8 +234,8 @@ class Member { private: Map::iterator m_hti; - Member& m_parent; - const NetworkConfig& m_nconf; + Member &m_parent; + const NetworkConfig &m_nconf; }; }; diff --git a/core/MembershipCredential.cpp b/core/MembershipCredential.cpp index bf583605e..7d5f7fcbb 100644 --- a/core/MembershipCredential.cpp +++ b/core/MembershipCredential.cpp @@ -16,12 +16,10 @@ namespace ZeroTier { MembershipCredential::MembershipCredential( - const int64_t timestamp, - const int64_t timestampMaxDelta, - const uint64_t nwid, - const Identity& issuedTo) noexcept + const int64_t timestamp, const int64_t timestampMaxDelta, const uint64_t nwid, + const Identity &issuedTo) noexcept : // NOLINT(cppcoreguidelines-pro-type-member-init,hicpp-member-init) - m_timestamp(timestamp) + m_timestamp(timestamp) , m_timestampMaxDelta(timestampMaxDelta) , m_networkId(nwid) , m_issuedTo(issuedTo.fingerprint()) @@ -29,7 +27,7 @@ MembershipCredential::MembershipCredential( { } -bool MembershipCredential::agreesWith(const MembershipCredential& other) const noexcept +bool MembershipCredential::agreesWith(const MembershipCredential &other) const noexcept { // NOTE: we always do explicit absolute value with an if() since llabs() can have overflow // conditions that could introduce a vulnerability. @@ -44,16 +42,20 @@ bool MembershipCredential::agreesWith(const MembershipCredential& other) const n } // us <> them - for (FCV::const_iterator i(m_additionalQualifiers.begin()); i != m_additionalQualifiers.end(); ++i) { + for (FCV::const_iterator i( + m_additionalQualifiers.begin()); + i != m_additionalQualifiers.end(); ++i) { if (i->delta != 0xffffffffffffffffULL) { - const uint64_t* v2 = nullptr; - for (FCV::const_iterator j(other.m_additionalQualifiers.begin()); j != other.m_additionalQualifiers.end(); ++i) { + const uint64_t *v2 = nullptr; + for (FCV::const_iterator j( + other.m_additionalQualifiers.begin()); + j != other.m_additionalQualifiers.end(); ++i) { if (j->id == i->id) { v2 = &(j->value); break; } } - if (! v2) + if (!v2) return false; if (*v2 > i->value) { if ((*v2 - i->value) > i->delta) @@ -67,16 +69,20 @@ bool MembershipCredential::agreesWith(const MembershipCredential& other) const n } // them <> us (we need a second pass in case they have qualifiers we don't or vice versa) - for (FCV::const_iterator i(other.m_additionalQualifiers.begin()); i != other.m_additionalQualifiers.end(); ++i) { + for (FCV::const_iterator i( + other.m_additionalQualifiers.begin()); + i != other.m_additionalQualifiers.end(); ++i) { if (i->delta != 0xffffffffffffffffULL) { - const uint64_t* v2 = nullptr; - for (FCV::const_iterator j(m_additionalQualifiers.begin()); j != m_additionalQualifiers.end(); ++i) { + const uint64_t *v2 = nullptr; + for (FCV::const_iterator j( + m_additionalQualifiers.begin()); + j != m_additionalQualifiers.end(); ++i) { if (j->id == i->id) { v2 = &(j->value); break; } } - if (! v2) + if (!v2) return false; if (*v2 > i->value) { if ((*v2 - i->value) > i->delta) @@ -94,12 +100,12 @@ bool MembershipCredential::agreesWith(const MembershipCredential& other) const n return (other.m_networkId == m_networkId) && (m_networkId != 0) && (other.m_issuedTo.address != m_issuedTo.address); } -bool MembershipCredential::sign(const Identity& with) noexcept +bool MembershipCredential::sign(const Identity &with) noexcept { m_signedBy = with.address(); uint64_t buf[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX / 8]; const unsigned int bufSize = m_fillSigningBuf(buf); - m_signatureLength = with.sign(buf, bufSize, m_signature, sizeof(m_signature)); + m_signatureLength = with.sign(buf, bufSize, m_signature, sizeof(m_signature)); return m_signatureLength > 0; } @@ -132,7 +138,8 @@ int MembershipCredential::marshal(uint8_t data[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_ Utils::storeBigEndian(data + 1, 9); for (int k = 0; k < 6; ++k) { Utils::storeBigEndian(data + p, (uint64_t)k + 3); - Utils::storeMachineEndian(data + p + 8, Utils::loadMachineEndian(m_issuedTo.hash + (k * 8))); + Utils::storeMachineEndian( + data + p + 8, Utils::loadMachineEndian(m_issuedTo.hash + (k * 8))); Utils::storeMachineEndian(data + p + 16, 0xffffffffffffffffULL); p += 24; } @@ -157,7 +164,7 @@ int MembershipCredential::marshal(uint8_t data[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_ return p; } -int MembershipCredential::unmarshal(const uint8_t* data, int len) noexcept +int MembershipCredential::unmarshal(const uint8_t *data, int len) noexcept { if (len < (1 + 2 + 72)) return -1; @@ -179,35 +186,21 @@ int MembershipCredential::unmarshal(const uint8_t* data, int len) noexcept p += 8; // NOLINT(hicpp-use-auto,modernize-use-auto) switch (id) { case 0: - m_timestamp = (int64_t)value; + m_timestamp = (int64_t)value; m_timestampMaxDelta = (int64_t)delta; break; - case 1: - m_networkId = value; - break; + case 1: m_networkId = value; break; case 2: m_issuedTo.address = value; break; // V1 nodes will pack the hash into qualifier tuples. - case 3: - Utils::storeBigEndian(m_issuedTo.hash, value); - break; - case 4: - Utils::storeBigEndian(m_issuedTo.hash + 8, value); - break; - case 5: - Utils::storeBigEndian(m_issuedTo.hash + 16, value); - break; - case 6: - Utils::storeBigEndian(m_issuedTo.hash + 24, value); - break; - case 7: - Utils::storeBigEndian(m_issuedTo.hash + 32, value); - break; - case 8: - Utils::storeBigEndian(m_issuedTo.hash + 40, value); - break; + case 3: Utils::storeBigEndian(m_issuedTo.hash, value); break; + case 4: Utils::storeBigEndian(m_issuedTo.hash + 8, value); break; + case 5: Utils::storeBigEndian(m_issuedTo.hash + 16, value); break; + case 6: Utils::storeBigEndian(m_issuedTo.hash + 24, value); break; + case 7: Utils::storeBigEndian(m_issuedTo.hash + 32, value); break; + case 8: Utils::storeBigEndian(m_issuedTo.hash + 40, value); break; default: if (m_additionalQualifiers.size() >= ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS) @@ -243,7 +236,7 @@ int MembershipCredential::unmarshal(const uint8_t* data, int len) noexcept return -1; } -unsigned int MembershipCredential::m_fillSigningBuf(uint64_t* buf) const noexcept +unsigned int MembershipCredential::m_fillSigningBuf(uint64_t *buf) const noexcept { const uint64_t informational = 0xffffffffffffffffULL; @@ -289,7 +282,9 @@ unsigned int MembershipCredential::m_fillSigningBuf(uint64_t* buf) const noexcep buf[p++] = informational; } - for (FCV::const_iterator i(m_additionalQualifiers.begin()); i != m_additionalQualifiers.end(); ++i) { // NOLINT(modernize-loop-convert) + for (FCV::const_iterator i( + m_additionalQualifiers.begin()); + i != m_additionalQualifiers.end(); ++i) { // NOLINT(modernize-loop-convert) buf[p++] = Utils::hton(i->id); buf[p++] = Utils::hton(i->value); buf[p++] = Utils::hton(i->delta); diff --git a/core/MembershipCredential.hpp b/core/MembershipCredential.hpp index 45f293205..1ed082344 100644 --- a/core/MembershipCredential.hpp +++ b/core/MembershipCredential.hpp @@ -30,7 +30,8 @@ #define ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS 8 // version + qualifier count + three required qualifiers + additional qualifiers + -#define ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX (1 + 2 + (3 * 3 * 8) + (ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS * 3 * 8) + 144 + 5 + 2 + 96) +#define ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX \ + (1 + 2 + (3 * 3 * 8) + (ZT_MEMBERSHIP_CREDENTIAL_MAX_ADDITIONAL_QUALIFIERS * 3 * 8) + 144 + 5 + 2 + 96) namespace ZeroTier { @@ -100,18 +101,12 @@ class MembershipCredential : public Credential { friend class Credential; public: - static constexpr ZT_CredentialType credentialType() noexcept - { - return ZT_CREDENTIAL_TYPE_COM; - } + static constexpr ZT_CredentialType credentialType() noexcept { return ZT_CREDENTIAL_TYPE_COM; } /** * Create an empty certificate of membership */ - ZT_INLINE MembershipCredential() noexcept - { - memoryZero(this); - } + ZT_INLINE MembershipCredential() noexcept { memoryZero(this); } /** * Create from required fields common to all networks @@ -121,60 +116,40 @@ class MembershipCredential : public Credential { * @param nwid Network ID * @param issuedTo Certificate recipient */ - MembershipCredential(int64_t timestamp, int64_t timestampMaxDelta, uint64_t nwid, const Identity& issuedTo) noexcept; + MembershipCredential( + int64_t timestamp, int64_t timestampMaxDelta, uint64_t nwid, const Identity &issuedTo) noexcept; /** * @return True if there's something here */ - ZT_INLINE operator bool() const noexcept - { - return (m_networkId != 0); - } + ZT_INLINE operator bool() const noexcept { return (m_networkId != 0); } /** * @return Credential ID, always 0 for COMs */ - ZT_INLINE uint32_t id() const noexcept - { - return 0; - } + ZT_INLINE uint32_t id() const noexcept { return 0; } /** * @return Timestamp for this cert and maximum delta for timestamp */ - ZT_INLINE int64_t timestamp() const noexcept - { - return m_timestamp; - } + ZT_INLINE int64_t timestamp() const noexcept { return m_timestamp; } - ZT_INLINE int64_t revision() const noexcept - { - return m_timestamp; - } + ZT_INLINE int64_t revision() const noexcept { return m_timestamp; } /** * @return Maximum allowed difference between timestamps */ - ZT_INLINE int64_t timestampMaxDelta() const noexcept - { - return m_timestampMaxDelta; - } + ZT_INLINE int64_t timestampMaxDelta() const noexcept { return m_timestampMaxDelta; } /** * @return Fingerprint of identity to which this cert was issued */ - ZT_INLINE const Fingerprint& issuedTo() const noexcept - { - return m_issuedTo; - } + ZT_INLINE const Fingerprint &issuedTo() const noexcept { return m_issuedTo; } /** * @return Network ID for which this cert was issued */ - ZT_INLINE uint64_t networkId() const noexcept - { - return m_networkId; - } + ZT_INLINE uint64_t networkId() const noexcept { return m_networkId; } /** * Compare two certificates for parameter agreement @@ -189,7 +164,7 @@ class MembershipCredential : public Credential { * @param other Cert to compare with * @return True if certs agree and 'other' may be communicated with */ - bool agreesWith(const MembershipCredential& other) const noexcept; + bool agreesWith(const MembershipCredential &other) const noexcept; /** * Sign this certificate @@ -197,7 +172,7 @@ class MembershipCredential : public Credential { * @param with Identity to sign with, must include private key * @return True if signature was successful */ - bool sign(const Identity& with) noexcept; + bool sign(const Identity &with) noexcept; /** * Verify this COM and its signature @@ -205,29 +180,21 @@ class MembershipCredential : public Credential { * @param RR Runtime environment for looking up peers * @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call */ - ZT_INLINE Credential::VerifyResult verify(const Context& ctx, const CallContext& cc) const + ZT_INLINE Credential::VerifyResult verify(const Context &ctx, const CallContext &cc) const { return s_verify(ctx, cc, *this); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_MEMBERSHIP_CREDENTIAL_MARSHAL_SIZE_MAX], bool v2 = false) const noexcept; - int unmarshal(const uint8_t* data, int len) noexcept; + int unmarshal(const uint8_t *data, int len) noexcept; private: - unsigned int m_fillSigningBuf(uint64_t* buf) const noexcept; + unsigned int m_fillSigningBuf(uint64_t *buf) const noexcept; struct p_Qualifier { - ZT_INLINE p_Qualifier() noexcept - : id(0) - , value(0) - , delta(0) - { - } + ZT_INLINE p_Qualifier() noexcept : id(0), value(0), delta(0) {} ZT_INLINE p_Qualifier(const uint64_t id_, const uint64_t value_, const uint64_t delta_) noexcept : id(id_) @@ -239,10 +206,7 @@ class MembershipCredential : public Credential { uint64_t id; uint64_t value; uint64_t delta; - ZT_INLINE bool operator<(const p_Qualifier& q) const noexcept - { - return (id < q.id); - } // sort order + ZT_INLINE bool operator<(const p_Qualifier &q) const noexcept { return (id < q.id); } // sort order }; FCV m_additionalQualifiers; diff --git a/core/Meter.hpp b/core/Meter.hpp index 1424f7313..83c5452bd 100644 --- a/core/Meter.hpp +++ b/core/Meter.hpp @@ -41,9 +41,7 @@ template class Meter { * * @param now Start time */ - ZT_INLINE Meter() noexcept - { - } + ZT_INLINE Meter() noexcept {} /** * Add a measurement @@ -58,7 +56,8 @@ template class Meter { // to it. const unsigned long bucket = ((unsigned long)(ts / TUNIT)) % LSIZE; if (unlikely(m_bucket.exchange(bucket, std::memory_order_relaxed) != bucket)) { - m_totalExclCounts.fetch_add(m_counts[bucket].exchange(count, std::memory_order_relaxed), std::memory_order_relaxed); + m_totalExclCounts.fetch_add( + m_counts[bucket].exchange(count, std::memory_order_relaxed), std::memory_order_relaxed); } else { m_counts[bucket].fetch_add(count, std::memory_order_relaxed); @@ -72,7 +71,7 @@ template class Meter { * @param rate Result parameter: rate in count/TUNIT * @param total Total count for life of object */ - ZT_INLINE void rate(double& rate, uint64_t& total) const noexcept + ZT_INLINE void rate(double &rate, uint64_t &total) const noexcept { total = 0; for (unsigned long i = 0; i < LSIZE; ++i) diff --git a/core/MulticastGroup.hpp b/core/MulticastGroup.hpp index fb76e3556..e3672a722 100644 --- a/core/MulticastGroup.hpp +++ b/core/MulticastGroup.hpp @@ -39,17 +39,9 @@ namespace ZeroTier { */ class MulticastGroup : public TriviallyCopyable { public: - ZT_INLINE MulticastGroup() noexcept - : m_mac() - , m_adi(0) - { - } + ZT_INLINE MulticastGroup() noexcept : m_mac(), m_adi(0) {} - ZT_INLINE MulticastGroup(const MAC& m, uint32_t a) noexcept - : m_mac(m) - , m_adi(a) - { - } + ZT_INLINE MulticastGroup(const MAC &m, uint32_t a) noexcept : m_mac(m), m_adi(a) {} /** * Derive the multicast group used for address resolution (ARP/NDP) for an IP @@ -57,21 +49,22 @@ class MulticastGroup : public TriviallyCopyable { * @param ip IP address (port field is ignored) * @return Multicast group for ARP/NDP */ - static ZT_INLINE MulticastGroup deriveMulticastGroupForAddressResolution(const InetAddress& ip) noexcept + static ZT_INLINE MulticastGroup deriveMulticastGroupForAddressResolution(const InetAddress &ip) noexcept { if (ip.isV4()) { // IPv4 wants broadcast MACs, so we shove the V4 address itself into // the Multicast Group ADI field. Making V4 ARP work is basically why // ADI was added, as well as handling other things that want mindless // Ethernet broadcast to all. - return MulticastGroup(MAC(0xffffffffffffULL), Utils::ntoh(*((const uint32_t*)ip.rawIpData()))); + return MulticastGroup(MAC(0xffffffffffffULL), Utils::ntoh(*((const uint32_t *)ip.rawIpData()))); } else if (ip.isV6()) { // IPv6 is better designed in this respect. We can compute the IPv6 // multicast address directly from the IP address, and it gives us // 24 bits of uniqueness. Collisions aren't likely to be common enough // to care about. - const uint8_t* const a = reinterpret_cast(ip.rawIpData()); // NOLINT(hicpp-use-auto,modernize-use-auto) + const uint8_t *const a = + reinterpret_cast(ip.rawIpData()); // NOLINT(hicpp-use-auto,modernize-use-auto) return MulticastGroup(MAC(0x33, 0x33, 0xff, a[13], a[14], a[15]), 0); } return MulticastGroup(); // NOLINT(modernize-return-braced-init-list) @@ -80,31 +73,25 @@ class MulticastGroup : public TriviallyCopyable { /** * @return Ethernet MAC portion of multicast group */ - ZT_INLINE const MAC& mac() const noexcept - { - return m_mac; - } + ZT_INLINE const MAC &mac() const noexcept { return m_mac; } /** * @return Additional distinguishing information, which is normally zero except for IPv4 ARP where it's the IPv4 * address */ - ZT_INLINE uint32_t adi() const - { - return m_adi; - } + ZT_INLINE uint32_t adi() const { return m_adi; } - ZT_INLINE bool operator==(const MulticastGroup& g) const noexcept + ZT_INLINE bool operator==(const MulticastGroup &g) const noexcept { return ((m_mac == g.m_mac) && (m_adi == g.m_adi)); } - ZT_INLINE bool operator!=(const MulticastGroup& g) const noexcept + ZT_INLINE bool operator!=(const MulticastGroup &g) const noexcept { return ((m_mac != g.m_mac) || (m_adi != g.m_adi)); } - ZT_INLINE bool operator<(const MulticastGroup& g) const noexcept + ZT_INLINE bool operator<(const MulticastGroup &g) const noexcept { if (m_mac < g.m_mac) return true; @@ -113,25 +100,13 @@ class MulticastGroup : public TriviallyCopyable { return false; } - ZT_INLINE bool operator>(const MulticastGroup& g) const noexcept - { - return (g < *this); - } + ZT_INLINE bool operator>(const MulticastGroup &g) const noexcept { return (g < *this); } - ZT_INLINE bool operator<=(const MulticastGroup& g) const noexcept - { - return ! (g < *this); - } + ZT_INLINE bool operator<=(const MulticastGroup &g) const noexcept { return !(g < *this); } - ZT_INLINE bool operator>=(const MulticastGroup& g) const noexcept - { - return ! (*this < g); - } + ZT_INLINE bool operator>=(const MulticastGroup &g) const noexcept { return !(*this < g); } - ZT_INLINE unsigned long hashCode() const noexcept - { - return (m_mac.hashCode() + (unsigned long)m_adi); - } + ZT_INLINE unsigned long hashCode() const noexcept { return (m_mac.hashCode() + (unsigned long)m_adi); } private: MAC m_mac; diff --git a/core/Mutex.hpp b/core/Mutex.hpp index ec3206c49..338fe59a4 100644 --- a/core/Mutex.hpp +++ b/core/Mutex.hpp @@ -39,63 +39,29 @@ namespace ZeroTier { class Mutex { public: #ifdef ZT_USE_PTHREADS - ZT_INLINE Mutex() noexcept - { - pthread_mutex_init(&_mh, nullptr); - } - ZT_INLINE ~Mutex() noexcept - { - pthread_mutex_destroy(&_mh); - } - ZT_INLINE void lock() const noexcept - { - pthread_mutex_lock(&((const_cast(this))->_mh)); - } - ZT_INLINE void unlock() const noexcept - { - pthread_mutex_unlock(&((const_cast(this))->_mh)); - } + ZT_INLINE Mutex() noexcept { pthread_mutex_init(&_mh, nullptr); } + ZT_INLINE ~Mutex() noexcept { pthread_mutex_destroy(&_mh); } + ZT_INLINE void lock() const noexcept { pthread_mutex_lock(&((const_cast(this))->_mh)); } + ZT_INLINE void unlock() const noexcept { pthread_mutex_unlock(&((const_cast(this))->_mh)); } #else - ZT_INLINE Mutex() noexcept : _m() - { - } - ZT_INLINE void lock() const noexcept - { - const_cast(this)->_m.lock(); - } - ZT_INLINE void unlock() const noexcept - { - const_cast(this)->_m.unlock(); - } + ZT_INLINE Mutex() noexcept : _m() {} + ZT_INLINE void lock() const noexcept { const_cast(this)->_m.lock(); } + ZT_INLINE void unlock() const noexcept { const_cast(this)->_m.unlock(); } #endif class Lock { public: - explicit ZT_INLINE Lock(Mutex& m) noexcept : _m(&m) - { - m.lock(); - } - explicit ZT_INLINE Lock(const Mutex& m) noexcept : _m(const_cast(&m)) - { - _m->lock(); - } - ZT_INLINE ~Lock() - { - _m->unlock(); - } + explicit ZT_INLINE Lock(Mutex &m) noexcept : _m(&m) { m.lock(); } + explicit ZT_INLINE Lock(const Mutex &m) noexcept : _m(const_cast(&m)) { _m->lock(); } + ZT_INLINE ~Lock() { _m->unlock(); } private: - Mutex* const _m; + Mutex *const _m; }; private: - ZT_INLINE Mutex(const Mutex&) noexcept - { - } - ZT_INLINE const Mutex& operator=(const Mutex&) noexcept - { - return *this; - } + ZT_INLINE Mutex(const Mutex &) noexcept {} + ZT_INLINE const Mutex &operator=(const Mutex &) noexcept { return *this; } #ifdef ZT_USE_PTHREADS pthread_mutex_t _mh; @@ -110,50 +76,18 @@ class Mutex { class RWMutex { public: #ifdef ZT_USE_PTHREADS - ZT_INLINE RWMutex() noexcept - { - pthread_rwlock_init(&_mh, nullptr); - } - ZT_INLINE ~RWMutex() noexcept - { - pthread_rwlock_destroy(&_mh); - } - ZT_INLINE void lock() const noexcept - { - pthread_rwlock_wrlock(&((const_cast(this))->_mh)); - } - ZT_INLINE void rlock() const noexcept - { - pthread_rwlock_rdlock(&((const_cast(this))->_mh)); - } - ZT_INLINE void unlock() const noexcept - { - pthread_rwlock_unlock(&((const_cast(this))->_mh)); - } - ZT_INLINE void runlock() const noexcept - { - pthread_rwlock_unlock(&((const_cast(this))->_mh)); - } + ZT_INLINE RWMutex() noexcept { pthread_rwlock_init(&_mh, nullptr); } + ZT_INLINE ~RWMutex() noexcept { pthread_rwlock_destroy(&_mh); } + ZT_INLINE void lock() const noexcept { pthread_rwlock_wrlock(&((const_cast(this))->_mh)); } + ZT_INLINE void rlock() const noexcept { pthread_rwlock_rdlock(&((const_cast(this))->_mh)); } + ZT_INLINE void unlock() const noexcept { pthread_rwlock_unlock(&((const_cast(this))->_mh)); } + ZT_INLINE void runlock() const noexcept { pthread_rwlock_unlock(&((const_cast(this))->_mh)); } #else - ZT_INLINE RWMutex() noexcept : _m() - { - } - ZT_INLINE void lock() const noexcept - { - const_cast(this)->_m.lock(); - } - ZT_INLINE void rlock() const noexcept - { - const_cast(this)->_m.lock_shared(); - } - ZT_INLINE void unlock() const noexcept - { - const_cast(this)->_m.unlock(); - } - ZT_INLINE void runlock() const noexcept - { - const_cast(this)->_m.unlock_shared(); - } + ZT_INLINE RWMutex() noexcept : _m() {} + ZT_INLINE void lock() const noexcept { const_cast(this)->_m.lock(); } + ZT_INLINE void rlock() const noexcept { const_cast(this)->_m.lock_shared(); } + ZT_INLINE void unlock() const noexcept { const_cast(this)->_m.unlock(); } + ZT_INLINE void runlock() const noexcept { const_cast(this)->_m.unlock_shared(); } #endif /** @@ -161,21 +95,12 @@ class RWMutex { */ class RLock { public: - explicit ZT_INLINE RLock(RWMutex& m) noexcept : _m(&m) - { - m.rlock(); - } - explicit ZT_INLINE RLock(const RWMutex& m) noexcept : _m(const_cast(&m)) - { - _m->rlock(); - } - ZT_INLINE ~RLock() - { - _m->runlock(); - } + explicit ZT_INLINE RLock(RWMutex &m) noexcept : _m(&m) { m.rlock(); } + explicit ZT_INLINE RLock(const RWMutex &m) noexcept : _m(const_cast(&m)) { _m->rlock(); } + ZT_INLINE ~RLock() { _m->runlock(); } private: - RWMutex* const _m; + RWMutex *const _m; }; /** @@ -183,21 +108,12 @@ class RWMutex { */ class Lock { public: - explicit ZT_INLINE Lock(RWMutex& m) noexcept : _m(&m) - { - m.lock(); - } - explicit ZT_INLINE Lock(const RWMutex& m) noexcept : _m(const_cast(&m)) - { - _m->lock(); - } - ZT_INLINE ~Lock() - { - _m->unlock(); - } + explicit ZT_INLINE Lock(RWMutex &m) noexcept : _m(&m) { m.lock(); } + explicit ZT_INLINE Lock(const RWMutex &m) noexcept : _m(const_cast(&m)) { _m->lock(); } + ZT_INLINE ~Lock() { _m->unlock(); } private: - RWMutex* const _m; + RWMutex *const _m; }; /** @@ -211,21 +127,14 @@ class RWMutex { */ class RMaybeWLock { public: - explicit ZT_INLINE RMaybeWLock(RWMutex& m) noexcept - : _m(&m) - , _w(false) - { - m.rlock(); - } - explicit ZT_INLINE RMaybeWLock(const RWMutex& m) noexcept - : _m(const_cast(&m)) - , _w(false) + explicit ZT_INLINE RMaybeWLock(RWMutex &m) noexcept : _m(&m), _w(false) { m.rlock(); } + explicit ZT_INLINE RMaybeWLock(const RWMutex &m) noexcept : _m(const_cast(&m)), _w(false) { _m->rlock(); } ZT_INLINE void writing() noexcept { - if (! _w) { + if (!_w) { _w = true; _m->runlock(); _m->lock(); @@ -239,10 +148,7 @@ class RWMutex { _m->rlock(); } } - ZT_INLINE bool isWriting() const noexcept - { - return _w; - } + ZT_INLINE bool isWriting() const noexcept { return _w; } ZT_INLINE ~RMaybeWLock() { if (_w) @@ -252,18 +158,13 @@ class RWMutex { } private: - RWMutex* const _m; + RWMutex *const _m; bool _w; }; private: - ZT_INLINE RWMutex(const RWMutex&) noexcept - { - } - ZT_INLINE const RWMutex& operator=(const RWMutex&) noexcept - { - return *this; - } + ZT_INLINE RWMutex(const RWMutex &) noexcept {} + ZT_INLINE const RWMutex &operator=(const RWMutex &) noexcept { return *this; } #ifdef ZT_USE_PTHREADS pthread_rwlock_t _mh; diff --git a/core/Network.cpp b/core/Network.cpp index 161485609..f628d6305 100644 --- a/core/Network.cpp +++ b/core/Network.cpp @@ -33,11 +33,11 @@ namespace ZeroTier { namespace { // Returns true if packet appears valid; pos and proto will be set -bool _ipv6GetPayload(const uint8_t* frameData, unsigned int frameLen, unsigned int& pos, unsigned int& proto) noexcept +bool _ipv6GetPayload(const uint8_t *frameData, unsigned int frameLen, unsigned int &pos, unsigned int &proto) noexcept { if (frameLen < 40) return false; - pos = 40; + pos = 40; proto = frameData[6]; while (pos <= frameLen) { switch (proto) { @@ -54,35 +54,33 @@ bool _ipv6GetPayload(const uint8_t* frameData, unsigned int frameLen, unsigned i // case 44: // fragment -- we currently can't parse these and they are deprecated in IPv6 anyway // case 50: // case 51: // IPSec ESP and AH -- we have to stop here since this is encrypted stuff - default: - return true; + default: return true; } } return false; // overflow == invalid } -enum _doZtFilterResult { DOZTFILTER_NO_MATCH, DOZTFILTER_DROP, DOZTFILTER_REDIRECT, DOZTFILTER_ACCEPT, DOZTFILTER_SUPER_ACCEPT }; +enum _doZtFilterResult { + DOZTFILTER_NO_MATCH, + DOZTFILTER_DROP, + DOZTFILTER_REDIRECT, + DOZTFILTER_ACCEPT, + DOZTFILTER_SUPER_ACCEPT +}; ZT_INLINE _doZtFilterResult _doZtFilter( - const Context& ctx, - Trace::RuleResultLog& rrl, - const NetworkConfig& nconf, - const Member* membership, // can be NULL - const bool inbound, - const Address& ztSource, - Address& ztDest, // MUTABLE -- is changed on REDIRECT actions - const MAC& macSource, - const MAC& macDest, - const uint8_t* const frameData, - const unsigned int frameLen, - const unsigned int etherType, - const unsigned int vlanId, - const ZT_VirtualNetworkRule* rules, // cannot be NULL + const Context &ctx, Trace::RuleResultLog &rrl, const NetworkConfig &nconf, + const Member *membership, // can be NULL + const bool inbound, const Address &ztSource, + Address &ztDest, // MUTABLE -- is changed on REDIRECT actions + const MAC &macSource, const MAC &macDest, const uint8_t *const frameData, const unsigned int frameLen, + const unsigned int etherType, const unsigned int vlanId, + const ZT_VirtualNetworkRule *rules, // cannot be NULL const unsigned int ruleCount, - Address& cc, // MUTABLE -- set to TEE destination if TEE action is taken or left alone otherwise - unsigned int& ccLength, // MUTABLE -- set to length of packet payload to TEE - bool& ccWatch, // MUTABLE -- set to true for WATCH target as opposed to normal TEE - uint8_t& qosBucket) noexcept // MUTABLE -- set to the value of the argument provided to PRIORITY + Address &cc, // MUTABLE -- set to TEE destination if TEE action is taken or left alone otherwise + unsigned int &ccLength, // MUTABLE -- set to length of packet payload to TEE + bool &ccWatch, // MUTABLE -- set to true for WATCH target as opposed to normal TEE + uint8_t &qosBucket) noexcept // MUTABLE -- set to the value of the argument provided to PRIORITY { // Set to true if we are a TEE/REDIRECT/WATCH target bool superAccept = false; @@ -101,11 +99,12 @@ ZT_INLINE _doZtFilterResult _doZtFilter( if (thisSetMatches) { switch (rt) { case ZT_NETWORK_RULE_ACTION_PRIORITY: - qosBucket = (rules[rn].v.qosBucket >= 0 && rules[rn].v.qosBucket <= 8) ? rules[rn].v.qosBucket : 4; // 4 = default bucket (no priority) + qosBucket = (rules[rn].v.qosBucket >= 0 && rules[rn].v.qosBucket <= 8) + ? rules[rn].v.qosBucket + : 4; // 4 = default bucket (no priority) return DOZTFILTER_ACCEPT; - case ZT_NETWORK_RULE_ACTION_DROP: - return DOZTFILTER_DROP; + case ZT_NETWORK_RULE_ACTION_DROP: return DOZTFILTER_DROP; case ZT_NETWORK_RULE_ACTION_ACCEPT: return (superAccept ? DOZTFILTER_SUPER_ACCEPT : DOZTFILTER_ACCEPT); // match, accept packet @@ -133,9 +132,13 @@ ZT_INLINE _doZtFilterResult _doZtFilter( return DOZTFILTER_REDIRECT; } else { - cc = fwdAddr; - ccLength = (rules[rn].v.fwd.length != 0) ? ((frameLen < (unsigned int)rules[rn].v.fwd.length) ? frameLen : (unsigned int)rules[rn].v.fwd.length) : frameLen; - ccWatch = (rt == ZT_NETWORK_RULE_ACTION_WATCH); + cc = fwdAddr; + ccLength = (rules[rn].v.fwd.length != 0) + ? ((frameLen < (unsigned int)rules[rn].v.fwd.length) + ? frameLen + : (unsigned int)rules[rn].v.fwd.length) + : frameLen; + ccWatch = (rt == ZT_NETWORK_RULE_ACTION_WATCH); } } } @@ -145,8 +148,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter( return DOZTFILTER_NO_MATCH; // Unrecognized ACTIONs are ignored as no-ops - default: - continue; + default: continue; } } else { @@ -161,8 +163,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter( if (ctx.identity.address().toInt() == rules[rn].v.fwd.address) superAccept = true; break; - default: - break; + default: break; } } @@ -173,14 +174,15 @@ ZT_INLINE _doZtFilterResult _doZtFilter( // Circuit breaker: no need to evaluate an AND if the set's match state // is currently false since anything AND false is false. - if ((! thisSetMatches) && (! (rules[rn].t & 0x40U))) { + if ((!thisSetMatches) && (!(rules[rn].t & 0x40U))) { rrl.logSkipped(rn, thisSetMatches); continue; } // If this was not an ACTION evaluate next MATCH and update thisSetMatches with (AND [result]) uint8_t thisRuleMatches = 0; - uint64_t ownershipVerificationMask = 1; // this magic value means it hasn't been computed yet -- this is done lazily the first time it's needed + uint64_t ownershipVerificationMask = + 1; // this magic value means it hasn't been computed yet -- this is done lazily the first time it's needed switch (rt) { case ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS: thisRuleMatches = (uint8_t)(rules[rn].v.zt == ztSource.toInt()); @@ -202,12 +204,12 @@ ZT_INLINE _doZtFilterResult _doZtFilter( case ZT_NETWORK_RULE_MATCH_MAC_SOURCE: thisRuleMatches = (uint8_t)(MAC(rules[rn].v.mac) == macSource); break; - case ZT_NETWORK_RULE_MATCH_MAC_DEST: - thisRuleMatches = (uint8_t)(MAC(rules[rn].v.mac) == macDest); - break; + case ZT_NETWORK_RULE_MATCH_MAC_DEST: thisRuleMatches = (uint8_t)(MAC(rules[rn].v.mac) == macDest); break; case ZT_NETWORK_RULE_MATCH_IPV4_SOURCE: if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { - thisRuleMatches = (uint8_t)(InetAddress((const void*)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask).containsAddress(InetAddress((const void*)(frameData + 12), 4, 0))); + thisRuleMatches = + (uint8_t)(InetAddress((const void *)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask) + .containsAddress(InetAddress((const void *)(frameData + 12), 4, 0))); } else { thisRuleMatches = 0; @@ -215,7 +217,9 @@ ZT_INLINE _doZtFilterResult _doZtFilter( break; case ZT_NETWORK_RULE_MATCH_IPV4_DEST: if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { - thisRuleMatches = (uint8_t)(InetAddress((const void*)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask).containsAddress(InetAddress((const void*)(frameData + 16), 4, 0))); + thisRuleMatches = + (uint8_t)(InetAddress((const void *)&(rules[rn].v.ipv4.ip), 4, rules[rn].v.ipv4.mask) + .containsAddress(InetAddress((const void *)(frameData + 16), 4, 0))); } else { thisRuleMatches = 0; @@ -223,7 +227,9 @@ ZT_INLINE _doZtFilterResult _doZtFilter( break; case ZT_NETWORK_RULE_MATCH_IPV6_SOURCE: if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) { - thisRuleMatches = (uint8_t)(InetAddress((const void*)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask).containsAddress(InetAddress((const void*)(frameData + 8), 16, 0))); + thisRuleMatches = + (uint8_t)(InetAddress((const void *)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask) + .containsAddress(InetAddress((const void *)(frameData + 8), 16, 0))); } else { thisRuleMatches = 0; @@ -231,7 +237,9 @@ ZT_INLINE _doZtFilterResult _doZtFilter( break; case ZT_NETWORK_RULE_MATCH_IPV6_DEST: if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) { - thisRuleMatches = (uint8_t)(InetAddress((const void*)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask).containsAddress(InetAddress((const void*)(frameData + 24), 16, 0))); + thisRuleMatches = + (uint8_t)(InetAddress((const void *)rules[rn].v.ipv6.ip, 16, rules[rn].v.ipv6.mask) + .containsAddress(InetAddress((const void *)(frameData + 24), 16, 0))); } else { thisRuleMatches = 0; @@ -240,11 +248,14 @@ ZT_INLINE _doZtFilterResult _doZtFilter( case ZT_NETWORK_RULE_MATCH_IP_TOS: if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { const uint8_t tosMasked = frameData[1] & rules[rn].v.ipTos.mask; - thisRuleMatches = (uint8_t)((tosMasked >= rules[rn].v.ipTos.value[0]) && (tosMasked <= rules[rn].v.ipTos.value[1])); + thisRuleMatches = + (uint8_t)((tosMasked >= rules[rn].v.ipTos.value[0]) && (tosMasked <= rules[rn].v.ipTos.value[1])); } else if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) { - const uint8_t tosMasked = (((frameData[0] << 4U) & 0xf0U) | ((frameData[1] >> 4U) & 0x0fU)) & rules[rn].v.ipTos.mask; - thisRuleMatches = (uint8_t)((tosMasked >= rules[rn].v.ipTos.value[0]) && (tosMasked <= rules[rn].v.ipTos.value[1])); + const uint8_t tosMasked = + (((frameData[0] << 4U) & 0xf0U) | ((frameData[1] >> 4U) & 0x0fU)) & rules[rn].v.ipTos.mask; + thisRuleMatches = + (uint8_t)((tosMasked >= rules[rn].v.ipTos.value[0]) && (tosMasked <= rules[rn].v.ipTos.value[1])); } else { thisRuleMatches = 0; @@ -327,7 +338,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter( case ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE: if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { const unsigned int headerLen = 4 * (frameData[0] & 0xfU); - int p = -1; + int p = -1; switch (frameData[9]) { // IP protocol number // All these start with 16-bit source and destination port in that order case 0x06: // TCP @@ -335,14 +346,17 @@ ZT_INLINE _doZtFilterResult _doZtFilter( case 0x84: // SCTP case 0x88: // UDPLite if (frameLen > (headerLen + 4)) { - unsigned int pos = headerLen + ((rt == ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE) ? 2 : 0); + unsigned int pos = + headerLen + ((rt == ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE) ? 2 : 0); p = (int)(frameData[pos++] << 8U); p |= (int)frameData[pos]; } break; } - thisRuleMatches = (p >= 0) ? (uint8_t)((p >= (int)rules[rn].v.port[0]) && (p <= (int)rules[rn].v.port[1])) : (uint8_t)0; + thisRuleMatches = + (p >= 0) ? (uint8_t)((p >= (int)rules[rn].v.port[0]) && (p <= (int)rules[rn].v.port[1])) + : (uint8_t)0; } else if (etherType == ZT_ETHERTYPE_IPV6) { unsigned int pos = 0, proto = 0; @@ -362,7 +376,9 @@ ZT_INLINE _doZtFilterResult _doZtFilter( } break; } - thisRuleMatches = (p > 0) ? (uint8_t)((p >= (int)rules[rn].v.port[0]) && (p <= (int)rules[rn].v.port[1])) : (uint8_t)0; + thisRuleMatches = + (p > 0) ? (uint8_t)((p >= (int)rules[rn].v.port[0]) && (p <= (int)rules[rn].v.port[1])) + : (uint8_t)0; } else { thisRuleMatches = 0; @@ -382,12 +398,13 @@ ZT_INLINE _doZtFilterResult _doZtFilter( ownershipVerificationMask = 0; InetAddress src; if ((etherType == ZT_ETHERTYPE_IPV4) && (frameLen >= 20)) { - src.set((const void*)(frameData + 12), 4, 0); + src.set((const void *)(frameData + 12), 4, 0); } else if ((etherType == ZT_ETHERTYPE_IPV6) && (frameLen >= 40)) { // IPv6 NDP requires special handling, since the src and dest IPs in the packet are empty or // link-local. - if ((frameLen >= (40 + 8 + 16)) && (frameData[6] == 0x3a) && ((frameData[40] == 0x87) || (frameData[40] == 0x88))) { + if ((frameLen >= (40 + 8 + 16)) && (frameData[6] == 0x3a) + && ((frameData[40] == 0x87) || (frameData[40] == 0x88))) { if (frameData[40] == 0x87) { // Neighbor solicitations contain no reliable source address, so we implement a small // hack by considering them authenticated. Otherwise you would pretty much have to do @@ -396,16 +413,16 @@ ZT_INLINE _doZtFilterResult _doZtFilter( } else { // Neighbor advertisements on the other hand can absolutely be authenticated. - src.set((const void*)(frameData + 40 + 8), 16, 0); + src.set((const void *)(frameData + 40 + 8), 16, 0); } } else { // Other IPv6 packets can be handled normally - src.set((const void*)(frameData + 8), 16, 0); + src.set((const void *)(frameData + 8), 16, 0); } } else if ((etherType == ZT_ETHERTYPE_ARP) && (frameLen >= 28)) { - src.set((const void*)(frameData + 14), 4, 0); + src.set((const void *)(frameData + 14), 4, 0); } if (inbound) { if (membership) { @@ -445,22 +462,26 @@ ZT_INLINE _doZtFilterResult _doZtFilter( thisRuleMatches = (uint8_t)((frameLen >= (unsigned int)rules[rn].v.frameSize[0]) && (frameLen <= (unsigned int)rules[rn].v.frameSize[1])); break; case ZT_NETWORK_RULE_MATCH_RANDOM: - thisRuleMatches = (uint8_t)((uint32_t)(Utils::random() & 0xffffffffULL) <= rules[rn].v.randomProbability); + thisRuleMatches = + (uint8_t)((uint32_t)(Utils::random() & 0xffffffffULL) <= rules[rn].v.randomProbability); break; case ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR: case ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR: case ZT_NETWORK_RULE_MATCH_TAGS_EQUAL: { - const TagCredential* const localTag = std::lower_bound(&(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, TagCredential::IdComparePredicate()); + const TagCredential *const localTag = std::lower_bound( + &(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, + TagCredential::IdComparePredicate()); if ((localTag != &(nconf.tags[nconf.tagCount])) && (localTag->id() == rules[rn].v.tag.id)) { - const TagCredential* const remoteTag = ((membership) ? membership->getTag(nconf, rules[rn].v.tag.id) : (const TagCredential*)0); + const TagCredential *const remoteTag = + ((membership) ? membership->getTag(nconf, rules[rn].v.tag.id) : (const TagCredential *)0); if (remoteTag) { const uint32_t ltv = localTag->value(); const uint32_t rtv = remoteTag->value(); if (rt == ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE) { const uint32_t diff = (ltv > rtv) ? (ltv - rtv) : (rtv - ltv); - thisRuleMatches = (uint8_t)(diff <= rules[rn].v.tag.value); + thisRuleMatches = (uint8_t)(diff <= rules[rn].v.tag.value); } else if (rt == ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND) { thisRuleMatches = (uint8_t)((ltv & rtv) == rules[rn].v.tag.value); @@ -472,14 +493,15 @@ ZT_INLINE _doZtFilterResult _doZtFilter( thisRuleMatches = (uint8_t)((ltv ^ rtv) == rules[rn].v.tag.value); } else if (rt == ZT_NETWORK_RULE_MATCH_TAGS_EQUAL) { - thisRuleMatches = (uint8_t)((ltv == rules[rn].v.tag.value) && (rtv == rules[rn].v.tag.value)); + thisRuleMatches = + (uint8_t)((ltv == rules[rn].v.tag.value) && (rtv == rules[rn].v.tag.value)); } else { // sanity check, can't really happen thisRuleMatches = 0; } } else { - if ((inbound) && (! superAccept)) { + if ((inbound) && (!superAccept)) { thisRuleMatches = 0; } else { @@ -501,8 +523,11 @@ ZT_INLINE _doZtFilterResult _doZtFilter( if (superAccept) { thisRuleMatches = 1; } - else if (((rt == ZT_NETWORK_RULE_MATCH_TAG_SENDER) && (inbound)) || ((rt == ZT_NETWORK_RULE_MATCH_TAG_RECEIVER) && (! inbound))) { - const TagCredential* const remoteTag = ((membership) ? membership->getTag(nconf, rules[rn].v.tag.id) : (const TagCredential*)0); + else if ( + ((rt == ZT_NETWORK_RULE_MATCH_TAG_SENDER) && (inbound)) + || ((rt == ZT_NETWORK_RULE_MATCH_TAG_RECEIVER) && (!inbound))) { + const TagCredential *const remoteTag = + ((membership) ? membership->getTag(nconf, rules[rn].v.tag.id) : (const TagCredential *)0); if (remoteTag) { thisRuleMatches = (uint8_t)(remoteTag->value() == rules[rn].v.tag.value); } @@ -518,7 +543,9 @@ ZT_INLINE _doZtFilterResult _doZtFilter( } } else { // sender and outbound or receiver and inbound - const TagCredential* const localTag = std::lower_bound(&(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, TagCredential::IdComparePredicate()); + const TagCredential *const localTag = std::lower_bound( + &(nconf.tags[0]), &(nconf.tags[nconf.tagCount]), rules[rn].v.tag.id, + TagCredential::IdComparePredicate()); if ((localTag != &(nconf.tags[nconf.tagCount])) && (localTag->id() == rules[rn].v.tag.id)) { thisRuleMatches = (uint8_t)(localTag->value() == rules[rn].v.tag.value); } @@ -528,12 +555,12 @@ ZT_INLINE _doZtFilterResult _doZtFilter( } } break; case ZT_NETWORK_RULE_MATCH_INTEGER_RANGE: { - uint64_t integer = 0; - const unsigned int bits = (rules[rn].v.intRange.format & 63U) + 1; + uint64_t integer = 0; + const unsigned int bits = (rules[rn].v.intRange.format & 63U) + 1; const unsigned int bytes = ((bits + 8 - 1) / 8); // integer ceiling of division by 8 if ((rules[rn].v.intRange.format & 0x80U) == 0) { // Big-endian - unsigned int idx = rules[rn].v.intRange.idx + (8 - bytes); + unsigned int idx = rules[rn].v.intRange.idx + (8 - bytes); const unsigned int eof = idx + bytes; if (eof <= frameLen) { while (idx < eof) { @@ -545,7 +572,7 @@ ZT_INLINE _doZtFilterResult _doZtFilter( } else { // Little-endian - unsigned int idx = rules[rn].v.intRange.idx; + unsigned int idx = rules[rn].v.intRange.idx; const unsigned int eof = idx + bytes; if (eof <= frameLen) { while (idx < eof) { @@ -561,7 +588,8 @@ ZT_INLINE _doZtFilterResult _doZtFilter( // The result of an unsupported MATCH is configurable at the network // level via a flag. default: - thisRuleMatches = (uint8_t)((nconf.flags & ZT_NETWORKCONFIG_FLAG_RULES_RESULT_OF_UNSUPPORTED_MATCH) != 0); + thisRuleMatches = + (uint8_t)((nconf.flags & ZT_NETWORKCONFIG_FLAG_RULES_RESULT_OF_UNSUPPORTED_MATCH) != 0); break; } @@ -580,7 +608,9 @@ ZT_INLINE _doZtFilterResult _doZtFilter( const ZeroTier::MulticastGroup Network::BROADCAST(ZeroTier::MAC(0xffffffffffffULL), 0); -Network::Network(const Context& ctx, const CallContext& cc, uint64_t nwid, const Fingerprint& controllerFingerprint, void* uptr, const NetworkConfig* nconf) +Network::Network( + const Context &ctx, const CallContext &cc, uint64_t nwid, const Fingerprint &controllerFingerprint, void *uptr, + const NetworkConfig *nconf) : m_ctx(ctx) , m_uPtr(uptr) , m_id(nwid) @@ -614,7 +644,7 @@ Network::Network(const Context& ctx, const CallContext& cc, uint64_t nwid, const if (nconf2->fromDictionary(dict)) { this->setConfiguration(cc, *nconf2, false); m_lastConfigUpdate = 0; // still want to re-request an update since it's likely outdated - got = true; + got = true; } } catch (...) { @@ -625,14 +655,16 @@ Network::Network(const Context& ctx, const CallContext& cc, uint64_t nwid, const catch (...) { } - if (! got) + if (!got) m_ctx.store->put(cc, ZT_STATE_OBJECT_NETWORK_CONFIG, tmp, 1, "\n", 1); } - if (! m_portInitialized) { + if (!m_portInitialized) { ZT_VirtualNetworkConfig ctmp; m_externalConfig(&ctmp); - m_ctx.cb.virtualNetworkConfigFunction(reinterpret_cast(m_ctx.node), m_ctx.uPtr, cc.tPtr, m_id, &m_uPtr, ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP, &ctmp); + m_ctx.cb.virtualNetworkConfigFunction( + reinterpret_cast(m_ctx.node), m_ctx.uPtr, cc.tPtr, m_id, &m_uPtr, + ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP, &ctmp); m_portInitialized = true; } } @@ -653,35 +685,29 @@ Network::~Network() // *)0,_id,&_uPtr,ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY,&ctmp); } else { - m_ctx.cb.virtualNetworkConfigFunction(reinterpret_cast(m_ctx.node), m_ctx.uPtr, nullptr, m_id, &m_uPtr, ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DOWN, &ctmp); + m_ctx.cb.virtualNetworkConfigFunction( + reinterpret_cast(m_ctx.node), m_ctx.uPtr, nullptr, m_id, &m_uPtr, + ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DOWN, &ctmp); } } bool Network::filterOutgoingPacket( - const CallContext& cc, - const bool noTee, - const Address& ztSource, - const Address& ztDest, - const MAC& macSource, - const MAC& macDest, - const uint8_t* frameData, - const unsigned int frameLen, - const unsigned int etherType, - const unsigned int vlanId, - uint8_t& qosBucket) + const CallContext &cc, const bool noTee, const Address &ztSource, const Address &ztDest, const MAC &macSource, + const MAC &macDest, const uint8_t *frameData, const unsigned int frameLen, const unsigned int etherType, + const unsigned int vlanId, uint8_t &qosBucket) { Trace::RuleResultLog rrl, crrl; Address ztFinalDest(ztDest); int localCapabilityIndex = -1; - int accept = 0; + int accept = 0; Address ccNodeAddress; unsigned int ccLength = 0; - bool ccWatch = false; + bool ccWatch = false; Mutex::Lock l1(m_memberships_l); Mutex::Lock l2(m_config_l); - Member* membership; + Member *membership; if (ztDest) { Map::iterator mm(m_memberships.find(ztDest)); membership = (mm == m_memberships.end()) ? nullptr : &(mm->second); @@ -690,33 +716,19 @@ bool Network::filterOutgoingPacket( membership = nullptr; } - switch (_doZtFilter(m_ctx, rrl, m_config, membership, false, ztSource, ztFinalDest, macSource, macDest, frameData, frameLen, etherType, vlanId, m_config.rules, m_config.ruleCount, ccNodeAddress, ccLength, ccWatch, qosBucket)) { + switch (_doZtFilter( + m_ctx, rrl, m_config, membership, false, ztSource, ztFinalDest, macSource, macDest, frameData, frameLen, + etherType, vlanId, m_config.rules, m_config.ruleCount, ccNodeAddress, ccLength, ccWatch, qosBucket)) { case DOZTFILTER_NO_MATCH: { for (unsigned int c = 0; c < m_config.capabilityCount; ++c) { ztFinalDest = ztDest; // sanity check, shouldn't be possible if there was no match Address cc2; unsigned int ccLength2 = 0; - bool ccWatch2 = false; + bool ccWatch2 = false; switch (_doZtFilter( - m_ctx, - crrl, - m_config, - membership, - false, - ztSource, - ztFinalDest, - macSource, - macDest, - frameData, - frameLen, - etherType, - vlanId, - m_config.capabilities[c].rules(), - m_config.capabilities[c].ruleCount(), - cc2, - ccLength2, - ccWatch2, - qosBucket)) { + m_ctx, crrl, m_config, membership, false, ztSource, ztFinalDest, macSource, macDest, frameData, + frameLen, etherType, vlanId, m_config.capabilities[c].rules(), m_config.capabilities[c].ruleCount(), + cc2, ccLength2, ccWatch2, qosBucket)) { case DOZTFILTER_NO_MATCH: case DOZTFILTER_DROP: // explicit DROP in a capability just terminates its evaluation and is an // anti-pattern @@ -727,9 +739,9 @@ bool Network::filterOutgoingPacket( case DOZTFILTER_ACCEPT: case DOZTFILTER_SUPER_ACCEPT: // no difference in behavior on outbound side in capabilities localCapabilityIndex = (int)c; - accept = 1; + accept = 1; - if ((! noTee) && (cc2)) { + if ((!noTee) && (cc2)) { // TODO /* Packet outp(cc2,m_ctx.identity.address(),Packet::VERB_EXT_FRAME); @@ -752,21 +764,19 @@ bool Network::filterOutgoingPacket( } break; case DOZTFILTER_DROP: - m_ctx.t->networkFilter(cc, 0xadea5a2a, m_id, rrl.l, nullptr, 0, 0, ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, 0); + m_ctx.t->networkFilter( + cc, 0xadea5a2a, m_id, rrl.l, nullptr, 0, 0, ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, + frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, 0); return false; case DOZTFILTER_REDIRECT: // interpreted as ACCEPT but ztFinalDest will have been changed in _doZtFilter() - case DOZTFILTER_ACCEPT: - accept = 1; - break; + case DOZTFILTER_ACCEPT: accept = 1; break; - case DOZTFILTER_SUPER_ACCEPT: - accept = 2; - break; + case DOZTFILTER_SUPER_ACCEPT: accept = 2; break; } if (accept != 0) { - if ((! noTee) && (ccNodeAddress)) { + if ((!noTee) && (ccNodeAddress)) { // TODO /* Packet outp(cc,m_ctx.identity.address(),Packet::VERB_EXT_FRAME); @@ -801,53 +811,54 @@ bool Network::filterOutgoingPacket( } if (localCapabilityIndex >= 0) { - const CapabilityCredential& cap = m_config.capabilities[localCapabilityIndex]; - m_ctx.t->networkFilter(cc, 0x56ff1a93, m_id, rrl.l, crrl.l, cap.id(), cap.timestamp(), ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, accept); + const CapabilityCredential &cap = m_config.capabilities[localCapabilityIndex]; + m_ctx.t->networkFilter( + cc, 0x56ff1a93, m_id, rrl.l, crrl.l, cap.id(), cap.timestamp(), ztSource, ztDest, macSource, macDest, + (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, accept); } else { - m_ctx.t->networkFilter(cc, 0x112fbbab, m_id, rrl.l, nullptr, 0, 0, ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, accept); + m_ctx.t->networkFilter( + cc, 0x112fbbab, m_id, rrl.l, nullptr, 0, 0, ztSource, ztDest, macSource, macDest, (uint16_t)frameLen, + frameData, (uint16_t)etherType, (uint16_t)vlanId, noTee, false, accept); } return (accept != 0); } int Network::filterIncomingPacket( - const CallContext& cc, - const SharedPtr& sourcePeer, - const Address& ztDest, - const MAC& macSource, - const MAC& macDest, - const uint8_t* frameData, - const unsigned int frameLen, - const unsigned int etherType, + const CallContext &cc, const SharedPtr &sourcePeer, const Address &ztDest, const MAC &macSource, + const MAC &macDest, const uint8_t *frameData, const unsigned int frameLen, const unsigned int etherType, const unsigned int vlanId) { Address ztFinalDest(ztDest); Trace::RuleResultLog rrl, crrl; int accept = 0; Address ccNodeAddress; - unsigned int ccLength = 0; - bool ccWatch = false; - const CapabilityCredential* c = nullptr; + unsigned int ccLength = 0; + bool ccWatch = false; + const CapabilityCredential *c = nullptr; uint8_t qosBucket = 255; // For incoming packets this is a dummy value Mutex::Lock l1(m_memberships_l); Mutex::Lock l2(m_config_l); - Member& membership = m_memberships[sourcePeer->address()]; + Member &membership = m_memberships[sourcePeer->address()]; - switch ( - _doZtFilter(m_ctx, rrl, m_config, &membership, true, sourcePeer->address(), ztFinalDest, macSource, macDest, frameData, frameLen, etherType, vlanId, m_config.rules, m_config.ruleCount, ccNodeAddress, ccLength, ccWatch, qosBucket)) { + switch (_doZtFilter( + m_ctx, rrl, m_config, &membership, true, sourcePeer->address(), ztFinalDest, macSource, macDest, frameData, + frameLen, etherType, vlanId, m_config.rules, m_config.ruleCount, ccNodeAddress, ccLength, ccWatch, qosBucket)) { case DOZTFILTER_NO_MATCH: { Member::CapabilityIterator mci(membership, m_config); while ((c = mci.next())) { ztFinalDest = ztDest; // sanity check, should be unmodified if there was no match Address cc2; unsigned int ccLength2 = 0; - bool ccWatch2 = false; - switch ( - _doZtFilter(m_ctx, crrl, m_config, &membership, true, sourcePeer->address(), ztFinalDest, macSource, macDest, frameData, frameLen, etherType, vlanId, c->rules(), c->ruleCount(), cc2, ccLength2, ccWatch2, qosBucket)) { + bool ccWatch2 = false; + switch (_doZtFilter( + m_ctx, crrl, m_config, &membership, true, sourcePeer->address(), ztFinalDest, macSource, macDest, + frameData, frameLen, etherType, vlanId, c->rules(), c->ruleCount(), cc2, ccLength2, ccWatch2, + qosBucket)) { case DOZTFILTER_NO_MATCH: case DOZTFILTER_DROP: // explicit DROP in a capability just terminates its evaluation and is an // anti-pattern @@ -940,17 +951,17 @@ int Network::filterIncomingPacket( return accept; } -void Network::multicastSubscribe(const CallContext& cc, const MulticastGroup& mg) +void Network::multicastSubscribe(const CallContext &cc, const MulticastGroup &mg) { Mutex::Lock l(m_myMulticastGroups_l); - if (! std::binary_search(m_myMulticastGroups.begin(), m_myMulticastGroups.end(), mg)) { + if (!std::binary_search(m_myMulticastGroups.begin(), m_myMulticastGroups.end(), mg)) { m_myMulticastGroups.insert(std::upper_bound(m_myMulticastGroups.begin(), m_myMulticastGroups.end(), mg), mg); Mutex::Lock l2(m_memberships_l); m_announceMulticastGroups(cc.tPtr, true); } } -void Network::multicastUnsubscribe(const MulticastGroup& mg) +void Network::multicastUnsubscribe(const MulticastGroup &mg) { Mutex::Lock l(m_myMulticastGroups_l); Vector::iterator i(std::lower_bound(m_myMulticastGroups.begin(), m_myMulticastGroups.end(), mg)); @@ -958,7 +969,8 @@ void Network::multicastUnsubscribe(const MulticastGroup& mg) m_myMulticastGroups.erase(i); } -uint64_t Network::handleConfigChunk(const CallContext& cc, uint64_t packetId, const SharedPtr& source, const Buf& chunk, int ptr, int size) +uint64_t Network::handleConfigChunk( + const CallContext &cc, uint64_t packetId, const SharedPtr &source, const Buf &chunk, int ptr, int size) { // If the controller's full fingerprint is known or was explicitly specified on join(), // require that the controller's identity match. Otherwise learn it. @@ -1103,7 +1115,7 @@ uint64_t Network::handleConfigChunk(const CallContext& cc, uint64_t packetId, co #endif } -int Network::setConfiguration(const CallContext& cc, const NetworkConfig& nconf, bool saveToDisk) +int Network::setConfiguration(const CallContext &cc, const NetworkConfig &nconf, bool saveToDisk) { if (m_destroyed) return 0; @@ -1112,7 +1124,9 @@ int Network::setConfiguration(const CallContext& cc, const NetworkConfig& nconf, try { if ((nconf.issuedTo != m_ctx.identity.address()) || (nconf.networkId != m_id)) return 0; // invalid config that is not for us or not for this network - if ((! Utils::allZero(nconf.issuedToFingerprintHash, ZT_FINGERPRINT_HASH_SIZE)) && (memcmp(nconf.issuedToFingerprintHash, m_ctx.identity.fingerprint().hash, ZT_FINGERPRINT_HASH_SIZE) != 0)) + if ((!Utils::allZero(nconf.issuedToFingerprintHash, ZT_FINGERPRINT_HASH_SIZE)) + && (memcmp(nconf.issuedToFingerprintHash, m_ctx.identity.fingerprint().hash, ZT_FINGERPRINT_HASH_SIZE) + != 0)) return 0; // full identity hash is present and does not match if (m_config == nconf) @@ -1123,23 +1137,20 @@ int Network::setConfiguration(const CallContext& cc, const NetworkConfig& nconf, { // do things that require lock here, but unlock before calling callbacks Mutex::Lock l1(m_config_l); - m_config = nconf; + m_config = nconf; m_lastConfigUpdate = cc.ticks; - _netconfFailure = NETCONF_FAILURE_NONE; + _netconfFailure = NETCONF_FAILURE_NONE; oldPortInitialized = m_portInitialized; - m_portInitialized = true; + m_portInitialized = true; m_externalConfig(&ctmp); } m_ctx.cb.virtualNetworkConfigFunction( - reinterpret_cast(m_ctx.node), - m_ctx.uPtr, - cc.tPtr, - nconf.networkId, - &m_uPtr, - (oldPortInitialized) ? ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_CONFIG_UPDATE : ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP, + reinterpret_cast(m_ctx.node), m_ctx.uPtr, cc.tPtr, nconf.networkId, &m_uPtr, + (oldPortInitialized) ? ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_CONFIG_UPDATE + : ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_UP, &ctmp); if (saveToDisk) { @@ -1165,11 +1176,11 @@ int Network::setConfiguration(const CallContext& cc, const NetworkConfig& nconf, return 0; } -bool Network::gate(void* tPtr, const SharedPtr& peer) noexcept +bool Network::gate(void *tPtr, const SharedPtr &peer) noexcept { Mutex::Lock lc(m_config_l); - if (! m_config) + if (!m_config) return false; if (m_config.isPublic()) return true; @@ -1184,7 +1195,7 @@ bool Network::gate(void* tPtr, const SharedPtr& peer) noexcept return false; } -void Network::doPeriodicTasks(const CallContext& cc) +void Network::doPeriodicTasks(const CallContext &cc) { if (m_destroyed) return; @@ -1217,7 +1228,7 @@ void Network::doPeriodicTasks(const CallContext& cc) } } -void Network::learnBridgeRoute(const MAC& mac, const Address& addr) +void Network::learnBridgeRoute(const MAC &mac, const Address &addr) { Mutex::Lock _l(m_remoteBridgeRoutes_l); m_remoteBridgeRoutes[mac] = addr; @@ -1233,7 +1244,7 @@ void Network::learnBridgeRoute(const MAC& mac, const Address& addr) const unsigned long c = ++counts[i->second]; if (c > maxCount) { maxCount = c; - maxAddr = i->second; + maxAddr = i->second; } } @@ -1247,7 +1258,8 @@ void Network::learnBridgeRoute(const MAC& mac, const Address& addr) } } -Member::AddCredentialResult Network::addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const MembershipCredential& com) +Member::AddCredentialResult +Network::addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const MembershipCredential &com) { if (com.networkId() != m_id) return Member::ADD_REJECTED; @@ -1255,7 +1267,8 @@ Member::AddCredentialResult Network::addCredential(const CallContext& cc, const return m_memberships[com.issuedTo().address].addCredential(m_ctx, cc, sourcePeerIdentity, m_config, com); } -Member::AddCredentialResult Network::addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const CapabilityCredential& cap) +Member::AddCredentialResult +Network::addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const CapabilityCredential &cap) { if (cap.networkId() != m_id) return Member::ADD_REJECTED; @@ -1263,7 +1276,8 @@ Member::AddCredentialResult Network::addCredential(const CallContext& cc, const return m_memberships[cap.issuedTo()].addCredential(m_ctx, cc, sourcePeerIdentity, m_config, cap); } -Member::AddCredentialResult Network::addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const TagCredential& tag) +Member::AddCredentialResult +Network::addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const TagCredential &tag) { if (tag.networkId() != m_id) return Member::ADD_REJECTED; @@ -1271,13 +1285,14 @@ Member::AddCredentialResult Network::addCredential(const CallContext& cc, const return m_memberships[tag.issuedTo()].addCredential(m_ctx, cc, sourcePeerIdentity, m_config, tag); } -Member::AddCredentialResult Network::addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const RevocationCredential& rev) +Member::AddCredentialResult +Network::addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const RevocationCredential &rev) { if (rev.networkId() != m_id) return Member::ADD_REJECTED; Mutex::Lock l1(m_memberships_l); - Member& m = m_memberships[rev.target()]; + Member &m = m_memberships[rev.target()]; const Member::AddCredentialResult result = m.addCredential(m_ctx, cc, sourcePeerIdentity, m_config, rev); @@ -1305,7 +1320,8 @@ Member::AddCredentialResult Network::addCredential(const CallContext& cc, const return result; } -Member::AddCredentialResult Network::addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const OwnershipCredential& coo) +Member::AddCredentialResult +Network::addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const OwnershipCredential &coo) { if (coo.networkId() != m_id) return Member::ADD_REJECTED; @@ -1313,11 +1329,11 @@ Member::AddCredentialResult Network::addCredential(const CallContext& cc, const return m_memberships[coo.issuedTo()].addCredential(m_ctx, cc, sourcePeerIdentity, m_config, coo); } -void Network::pushCredentials(const CallContext& cc, const SharedPtr& to) +void Network::pushCredentials(const CallContext &cc, const SharedPtr &to) { const int64_t tout = std::min(m_config.credentialTimeMaxDelta, m_config.com.timestampMaxDelta()); Mutex::Lock _l(m_memberships_l); - Member& m = m_memberships[to->address()]; + Member &m = m_memberships[to->address()]; if (((cc.ticks - m.lastPushedCredentials()) + 5000) >= tout) m.pushCredentials(m_ctx, cc, to, m_config); } @@ -1331,13 +1347,13 @@ void Network::destroy() m_memberships_l.unlock(); } -void Network::externalConfig(ZT_VirtualNetworkConfig* ec) const +void Network::externalConfig(ZT_VirtualNetworkConfig *ec) const { Mutex::Lock _l(m_config_l); m_externalConfig(ec); } -void Network::m_requestConfiguration(const CallContext& cc) +void Network::m_requestConfiguration(const CallContext &cc) { if (m_destroyed) return; @@ -1345,53 +1361,53 @@ void Network::m_requestConfiguration(const CallContext& cc) if ((m_id >> 56U) == 0xff) { if ((m_id & 0xffffffU) == 0) { const uint16_t startPortRange = (uint16_t)((m_id >> 40U) & 0xffff); - const uint16_t endPortRange = (uint16_t)((m_id >> 24U) & 0xffff); + const uint16_t endPortRange = (uint16_t)((m_id >> 24U) & 0xffff); if (endPortRange >= startPortRange) { ScopedPtr nconf(new NetworkConfig()); - nconf->networkId = m_id; - nconf->timestamp = (cc.clock < 0) ? cc.ticks : cc.clock; + nconf->networkId = m_id; + nconf->timestamp = (cc.clock < 0) ? cc.ticks : cc.clock; nconf->credentialTimeMaxDelta = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA; - nconf->revision = 1; - nconf->issuedTo = m_ctx.identity.address(); - nconf->flags = ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; - nconf->mtu = ZT_DEFAULT_MTU; - nconf->multicastLimit = 0; - nconf->staticIpCount = 1; - nconf->ruleCount = 14; - nconf->staticIps[0] = InetAddress::makeIpv66plane(m_id, m_ctx.identity.address().toInt()); + nconf->revision = 1; + nconf->issuedTo = m_ctx.identity.address(); + nconf->flags = ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; + nconf->mtu = ZT_DEFAULT_MTU; + nconf->multicastLimit = 0; + nconf->staticIpCount = 1; + nconf->ruleCount = 14; + nconf->staticIps[0] = InetAddress::makeIpv66plane(m_id, m_ctx.identity.address().toInt()); // Drop everything but IPv6 - nconf->rules[0].t = (uint8_t)ZT_NETWORK_RULE_MATCH_ETHERTYPE | 0x80U; // NOT - nconf->rules[0].v.etherType = 0x86dd; // IPv6 - nconf->rules[1].t = (uint8_t)ZT_NETWORK_RULE_ACTION_DROP; + nconf->rules[0].t = (uint8_t)ZT_NETWORK_RULE_MATCH_ETHERTYPE | 0x80U; // NOT + nconf->rules[0].v.etherType = 0x86dd; // IPv6 + nconf->rules[1].t = (uint8_t)ZT_NETWORK_RULE_ACTION_DROP; // Allow ICMPv6 - nconf->rules[2].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; + nconf->rules[2].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; nconf->rules[2].v.ipProtocol = 0x3a; // ICMPv6 - nconf->rules[3].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + nconf->rules[3].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; // Allow destination ports within range - nconf->rules[4].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; - nconf->rules[4].v.ipProtocol = 0x11; // UDP - nconf->rules[5].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL | 0x40U; // OR - nconf->rules[5].v.ipProtocol = 0x06; // TCP - nconf->rules[6].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE; - nconf->rules[6].v.port[0] = startPortRange; - nconf->rules[6].v.port[1] = endPortRange; - nconf->rules[7].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + nconf->rules[4].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL; + nconf->rules[4].v.ipProtocol = 0x11; // UDP + nconf->rules[5].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_PROTOCOL | 0x40U; // OR + nconf->rules[5].v.ipProtocol = 0x06; // TCP + nconf->rules[6].t = (uint8_t)ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE; + nconf->rules[6].v.port[0] = startPortRange; + nconf->rules[6].v.port[1] = endPortRange; + nconf->rules[7].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; // Allow non-SYN TCP packets to permit non-connection-initiating traffic - nconf->rules[8].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS | 0x80U; // NOT + nconf->rules[8].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS | 0x80U; // NOT nconf->rules[8].v.characteristics = ZT_RULE_PACKET_CHARACTERISTICS_TCP_SYN; - nconf->rules[9].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + nconf->rules[9].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; // Also allow SYN+ACK which are replies to SYN - nconf->rules[10].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; + nconf->rules[10].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; nconf->rules[10].v.characteristics = ZT_RULE_PACKET_CHARACTERISTICS_TCP_SYN; - nconf->rules[11].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; + nconf->rules[11].t = (uint8_t)ZT_NETWORK_RULE_MATCH_CHARACTERISTICS; nconf->rules[11].v.characteristics = ZT_RULE_PACKET_CHARACTERISTICS_TCP_ACK; - nconf->rules[12].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; + nconf->rules[12].t = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT; nconf->rules[13].t = (uint8_t)ZT_NETWORK_RULE_ACTION_DROP; @@ -1417,7 +1433,7 @@ void Network::m_requestConfiguration(const CallContext& cc) else if ((m_id & 0xffU) == 0x01) { // ffAAaaaaaaaaaa01 -- where AA is the IPv4 /8 to use and aaaaaaaaaa is the anchor node for multicast gather // and replication - const uint64_t myAddress = m_ctx.identity.address().toInt(); + const uint64_t myAddress = m_ctx.identity.address().toInt(); const uint64_t networkHub = (m_id >> 8U) & 0xffffffffffULL; uint8_t ipv4[4]; @@ -1431,17 +1447,17 @@ void Network::m_requestConfiguration(const CallContext& cc) ScopedPtr nconf(new NetworkConfig()); - nconf->networkId = m_id; - nconf->timestamp = (cc.clock < 0) ? cc.ticks : cc.clock; + nconf->networkId = m_id; + nconf->timestamp = (cc.clock < 0) ? cc.ticks : cc.clock; nconf->credentialTimeMaxDelta = ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA; - nconf->revision = 1; - nconf->issuedTo = m_ctx.identity.address(); - nconf->flags = ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; - nconf->mtu = ZT_DEFAULT_MTU; - nconf->multicastLimit = 1024; - nconf->specialistCount = (networkHub == 0) ? 0 : 1; - nconf->staticIpCount = 2; - nconf->ruleCount = 1; + nconf->revision = 1; + nconf->issuedTo = m_ctx.identity.address(); + nconf->flags = ZT_NETWORKCONFIG_FLAG_ENABLE_IPV6_NDP_EMULATION; + nconf->mtu = ZT_DEFAULT_MTU; + nconf->multicastLimit = 1024; + nconf->specialistCount = (networkHub == 0) ? 0 : 1; + nconf->staticIpCount = 2; + nconf->ruleCount = 1; if (networkHub != 0) nconf->specialists[0] = networkHub; @@ -1453,12 +1469,12 @@ void Network::m_requestConfiguration(const CallContext& cc) nconf->type = ZT_NETWORK_TYPE_PUBLIC; - nconf->name[0] = 'a'; - nconf->name[1] = 'd'; - nconf->name[2] = 'h'; - nconf->name[3] = 'o'; - nconf->name[4] = 'c'; - nconf->name[5] = '-'; + nconf->name[0] = 'a'; + nconf->name[1] = 'd'; + nconf->name[2] = 'h'; + nconf->name[3] = 'o'; + nconf->name[4] = 'c'; + nconf->name[5] = '-'; unsigned long nn = 6; while ((nconf->name[nn] = v4ascii[nn - 6])) ++nn; @@ -1468,7 +1484,7 @@ void Network::m_requestConfiguration(const CallContext& cc) nconf->name[nn++] = '0'; nconf->name[nn++] = '.'; nconf->name[nn++] = '0'; - nconf->name[nn] = (char)0; + nconf->name[nn] = (char)0; this->setConfiguration(cc, *nconf, false); } @@ -1478,8 +1494,9 @@ void Network::m_requestConfiguration(const CallContext& cc) const Address ctrl(controller()); Dictionary rmd; - rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_VENDOR, - (uint64_t)1); // 1 == ZeroTier, no other vendors at the moment + rmd.add( + ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_VENDOR, + (uint64_t)1); // 1 == ZeroTier, no other vendors at the moment rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_PROTOCOL_VERSION, (uint64_t)ZT_PROTO_VERSION); rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MAJOR_VERSION, (uint64_t)ZEROTIER_VERSION_MAJOR); rmd.add(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_NODE_MINOR_VERSION, (uint64_t)ZEROTIER_VERSION_MINOR); @@ -1525,37 +1542,35 @@ void Network::m_requestConfiguration(const CallContext& cc) ZT_VirtualNetworkStatus Network::m_status() const { switch (_netconfFailure) { - case NETCONF_FAILURE_ACCESS_DENIED: - return ZT_NETWORK_STATUS_ACCESS_DENIED; - case NETCONF_FAILURE_NOT_FOUND: - return ZT_NETWORK_STATUS_NOT_FOUND; + case NETCONF_FAILURE_ACCESS_DENIED: return ZT_NETWORK_STATUS_ACCESS_DENIED; + case NETCONF_FAILURE_NOT_FOUND: return ZT_NETWORK_STATUS_NOT_FOUND; case NETCONF_FAILURE_NONE: return ((m_config) ? ZT_NETWORK_STATUS_OK : ZT_NETWORK_STATUS_REQUESTING_CONFIGURATION); - default: - return ZT_NETWORK_STATUS_REQUESTING_CONFIGURATION; + default: return ZT_NETWORK_STATUS_REQUESTING_CONFIGURATION; } } -void Network::m_externalConfig(ZT_VirtualNetworkConfig* ec) const +void Network::m_externalConfig(ZT_VirtualNetworkConfig *ec) const { // assumes _config_l is locked ec->nwid = m_id; - ec->mac = m_mac.toInt(); + ec->mac = m_mac.toInt(); if (m_config) Utils::scopy(ec->name, sizeof(ec->name), m_config.name); else ec->name[0] = (char)0; ec->status = m_status(); - ec->type = (m_config) ? (m_config.isPrivate() ? ZT_NETWORK_TYPE_PRIVATE : ZT_NETWORK_TYPE_PUBLIC) : ZT_NETWORK_TYPE_PRIVATE; - ec->mtu = (m_config) ? m_config.mtu : ZT_DEFAULT_MTU; + ec->type = (m_config) ? (m_config.isPrivate() ? ZT_NETWORK_TYPE_PRIVATE : ZT_NETWORK_TYPE_PUBLIC) + : ZT_NETWORK_TYPE_PRIVATE; + ec->mtu = (m_config) ? m_config.mtu : ZT_DEFAULT_MTU; Vector
ab; for (unsigned int i = 0; i < m_config.specialistCount; ++i) { if ((m_config.specialists[i] & ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE) != 0) ab.push_back(Address(m_config.specialists[i])); } - ec->bridge = (std::find(ab.begin(), ab.end(), m_ctx.identity.address()) != ab.end()) ? 1 : 0; + ec->bridge = (std::find(ab.begin(), ab.end(), m_ctx.identity.address()) != ab.end()) ? 1 : 0; ec->broadcastEnabled = (m_config) ? (m_config.enableBroadcast() ? 1 : 0) : 0; - ec->netconfRevision = (m_config) ? (unsigned long)m_config.revision : 0; + ec->netconfRevision = (m_config) ? (unsigned long)m_config.revision : 0; ec->assignedAddressCount = 0; for (unsigned int i = 0; i < ZT_MAX_ZT_ASSIGNED_ADDRESSES; ++i) { @@ -1580,7 +1595,7 @@ void Network::m_externalConfig(ZT_VirtualNetworkConfig* ec) const } } -void Network::m_announceMulticastGroups(void* tPtr, bool force) +void Network::m_announceMulticastGroups(void *tPtr, bool force) { // Assumes _myMulticastGroups_l and _memberships_l are locked const Vector groups(m_allMulticastGroups()); @@ -1599,7 +1614,8 @@ push time if ((!announce)&&(force)) announce = true; if ((announce)&&(m->isAllow */ } -void Network::m_announceMulticastGroupsTo(void* tPtr, const Address& peer, const Vector& allMulticastGroups) +void Network::m_announceMulticastGroupsTo( + void *tPtr, const Address &peer, const Vector &allMulticastGroups) { #if 0 // Assumes _myMulticastGroups_l and _memberships_l are locked @@ -1631,7 +1647,8 @@ Vector Network::m_allMulticastGroups() const Vector mgs; mgs.reserve(m_myMulticastGroups.size() + m_multicastGroupsBehindMe.size() + 1); mgs.insert(mgs.end(), m_myMulticastGroups.begin(), m_myMulticastGroups.end()); - for (Map::const_iterator i(m_multicastGroupsBehindMe.begin()); i != m_multicastGroupsBehindMe.end(); ++i) + for (Map::const_iterator i(m_multicastGroupsBehindMe.begin()); + i != m_multicastGroupsBehindMe.end(); ++i) mgs.push_back(i->first); if ((m_config) && (m_config.enableBroadcast())) mgs.push_back(Network::BROADCAST); diff --git a/core/Network.hpp b/core/Network.hpp index 73a12a292..4de3f4f01 100644 --- a/core/Network.hpp +++ b/core/Network.hpp @@ -51,10 +51,7 @@ class Network { /** * Compute primary controller device ID from network ID */ - static ZT_INLINE Address controllerFor(uint64_t nwid) noexcept - { - return Address(nwid >> 24U); - } + static ZT_INLINE Address controllerFor(uint64_t nwid) noexcept { return Address(nwid >> 24U); } /** * Construct a new network @@ -67,49 +64,27 @@ class Network { * @param uptr Arbitrary pointer used by externally-facing API (for user use) * @param nconf Network config, if known */ - Network(const Context& ctx, const CallContext& cc, uint64_t nwid, const Fingerprint& controllerFingerprint, void* uptr, const NetworkConfig* nconf); + Network( + const Context &ctx, const CallContext &cc, uint64_t nwid, const Fingerprint &controllerFingerprint, void *uptr, + const NetworkConfig *nconf); ~Network(); - ZT_INLINE uint64_t id() const noexcept - { - return m_id; - } + ZT_INLINE uint64_t id() const noexcept { return m_id; } - ZT_INLINE Address controller() const noexcept - { - return Address(m_id >> 24U); - } + ZT_INLINE Address controller() const noexcept { return Address(m_id >> 24U); } - ZT_INLINE bool multicastEnabled() const noexcept - { - return (m_config.multicastLimit > 0); - } + ZT_INLINE bool multicastEnabled() const noexcept { return (m_config.multicastLimit > 0); } - ZT_INLINE bool hasConfig() const noexcept - { - return (m_config); - } + ZT_INLINE bool hasConfig() const noexcept { return (m_config); } - ZT_INLINE uint64_t lastConfigUpdate() const noexcept - { - return m_lastConfigUpdate; - } + ZT_INLINE uint64_t lastConfigUpdate() const noexcept { return m_lastConfigUpdate; } - ZT_INLINE ZT_VirtualNetworkStatus status() const noexcept - { - return m_status(); - } + ZT_INLINE ZT_VirtualNetworkStatus status() const noexcept { return m_status(); } - ZT_INLINE const NetworkConfig& config() const noexcept - { - return m_config; - } + ZT_INLINE const NetworkConfig &config() const noexcept { return m_config; } - ZT_INLINE const MAC& mac() const noexcept - { - return m_mac; - } + ZT_INLINE const MAC &mac() const noexcept { return m_mac; } /** * Apply filters to an outgoing packet @@ -131,17 +106,9 @@ class Network { * @return True if packet should be sent, false if dropped or redirected */ bool filterOutgoingPacket( - const CallContext& cc, - bool noTee, - const Address& ztSource, - const Address& ztDest, - const MAC& macSource, - const MAC& macDest, - const uint8_t* frameData, - unsigned int frameLen, - unsigned int etherType, - unsigned int vlanId, - uint8_t& qosBucket); + const CallContext &cc, bool noTee, const Address &ztSource, const Address &ztDest, const MAC &macSource, + const MAC &macDest, const uint8_t *frameData, unsigned int frameLen, unsigned int etherType, + unsigned int vlanId, uint8_t &qosBucket); /** * Apply filters to an incoming packet @@ -162,14 +129,8 @@ class Network { * @return 0 == drop, 1 == accept, 2 == accept even if bridged */ int filterIncomingPacket( - const CallContext& cc, - const SharedPtr& sourcePeer, - const Address& ztDest, - const MAC& macSource, - const MAC& macDest, - const uint8_t* frameData, - unsigned int frameLen, - unsigned int etherType, + const CallContext &cc, const SharedPtr &sourcePeer, const Address &ztDest, const MAC &macSource, + const MAC &macDest, const uint8_t *frameData, unsigned int frameLen, unsigned int etherType, unsigned int vlanId); /** @@ -177,14 +138,14 @@ class Network { * * @param mg New multicast group */ - void multicastSubscribe(const CallContext& cc, const MulticastGroup& mg); + void multicastSubscribe(const CallContext &cc, const MulticastGroup &mg); /** * Unsubscribe from a multicast group * * @param mg Multicast group */ - void multicastUnsubscribe(const MulticastGroup& mg); + void multicastUnsubscribe(const MulticastGroup &mg); /** * Parse, verify, and handle an inbound network config chunk @@ -201,7 +162,8 @@ class Network { * @param size Size of data in chunk buffer (total, not relative to ptr) * @return Update ID if update was fully assembled and accepted or 0 otherwise */ - uint64_t handleConfigChunk(const CallContext& cc, uint64_t packetId, const SharedPtr& source, const Buf& chunk, int ptr, int size); + uint64_t handleConfigChunk( + const CallContext &cc, uint64_t packetId, const SharedPtr &source, const Buf &chunk, int ptr, int size); /** * Set network configuration @@ -214,23 +176,17 @@ class Network { * @param saveToDisk Save to disk? Used during loading, should usually be true otherwise. * @return 0 == bad, 1 == accepted but duplicate/unchanged, 2 == accepted and new */ - int setConfiguration(const CallContext& cc, const NetworkConfig& nconf, bool saveToDisk); + int setConfiguration(const CallContext &cc, const NetworkConfig &nconf, bool saveToDisk); /** * Set netconf failure to 'access denied' -- called in IncomingPacket when controller reports this */ - ZT_INLINE void setAccessDenied() noexcept - { - _netconfFailure = NETCONF_FAILURE_ACCESS_DENIED; - } + ZT_INLINE void setAccessDenied() noexcept { _netconfFailure = NETCONF_FAILURE_ACCESS_DENIED; } /** * Set netconf failure to 'not found' -- called by IncomingPacket when controller reports this */ - ZT_INLINE void setNotFound() noexcept - { - _netconfFailure = NETCONF_FAILURE_NOT_FOUND; - } + ZT_INLINE void setNotFound() noexcept { _netconfFailure = NETCONF_FAILURE_NOT_FOUND; } /** * Determine whether this peer is permitted to communicate on this network @@ -238,12 +194,12 @@ class Network { * @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call * @param peer Peer to check */ - bool gate(void* tPtr, const SharedPtr& peer) noexcept; + bool gate(void *tPtr, const SharedPtr &peer) noexcept; /** * Do periodic cleanup and housekeeping tasks */ - void doPeriodicTasks(const CallContext& cc); + void doPeriodicTasks(const CallContext &cc); /** * Find the node on this network that has this MAC behind it (if any) @@ -251,7 +207,7 @@ class Network { * @param mac MAC address * @return ZeroTier address of bridge to this MAC */ - ZT_INLINE Address findBridgeTo(const MAC& mac) const + ZT_INLINE Address findBridgeTo(const MAC &mac) const { Mutex::Lock _l(m_remoteBridgeRoutes_l); Map::const_iterator br(m_remoteBridgeRoutes.find(mac)); @@ -264,7 +220,7 @@ class Network { * @param mac MAC address of destination * @param addr Bridge this MAC is reachable behind */ - void learnBridgeRoute(const MAC& mac, const Address& addr); + void learnBridgeRoute(const MAC &mac, const Address &addr); /** * Learn a multicast group that is bridged to our tap device @@ -273,7 +229,7 @@ class Network { * @param mg Multicast group * @param now Current time */ - ZT_INLINE void learnBridgedMulticastGroup(const MulticastGroup& mg, int64_t now) + ZT_INLINE void learnBridgedMulticastGroup(const MulticastGroup &mg, int64_t now) { Mutex::Lock l(m_myMulticastGroups_l); m_multicastGroupsBehindMe[mg] = now; @@ -282,34 +238,39 @@ class Network { /** * Validate a credential and learn it if it passes certificate and other checks */ - Member::AddCredentialResult addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const MembershipCredential& com); + Member::AddCredentialResult + addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const MembershipCredential &com); /** * Validate a credential and learn it if it passes certificate and other checks */ - Member::AddCredentialResult addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const CapabilityCredential& cap); + Member::AddCredentialResult + addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const CapabilityCredential &cap); /** * Validate a credential and learn it if it passes certificate and other checks */ - Member::AddCredentialResult addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const TagCredential& tag); + Member::AddCredentialResult + addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const TagCredential &tag); /** * Validate a credential and learn it if it passes certificate and other checks */ - Member::AddCredentialResult addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const RevocationCredential& rev); + Member::AddCredentialResult + addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const RevocationCredential &rev); /** * Validate a credential and learn it if it passes certificate and other checks */ - Member::AddCredentialResult addCredential(const CallContext& cc, const Identity& sourcePeerIdentity, const OwnershipCredential& coo); + Member::AddCredentialResult + addCredential(const CallContext &cc, const Identity &sourcePeerIdentity, const OwnershipCredential &coo); /** * Push credentials to a peer if timeouts indicate that we should do so * * @param to Destination peer */ - void pushCredentials(const CallContext& cc, const SharedPtr& to); + void pushCredentials(const CallContext &cc, const SharedPtr &to); /** * Destroy this network @@ -324,7 +285,7 @@ class Network { * * @param ec Buffer to fill with externally-visible network configuration */ - void externalConfig(ZT_VirtualNetworkConfig* ec) const; + void externalConfig(ZT_VirtualNetworkConfig *ec) const; /** * Iterate through memberships @@ -334,8 +295,9 @@ class Network { template ZT_INLINE void eachMember(F f) { Mutex::Lock ml(m_memberships_l); - for (Map::iterator i(m_memberships.begin()); i != m_memberships.end(); ++i) { // NOLINT(modernize-loop-convert,hicpp-use-auto,modernize-use-auto) - if (! f(i->first, i->second)) + for (Map::iterator i(m_memberships.begin()); i != m_memberships.end(); + ++i) { // NOLINT(modernize-loop-convert,hicpp-use-auto,modernize-use-auto) + if (!f(i->first, i->second)) break; } } @@ -343,21 +305,18 @@ class Network { /** * @return Externally usable pointer-to-pointer exported via the core API */ - ZT_INLINE void** userPtr() noexcept - { - return &m_uPtr; - } + ZT_INLINE void **userPtr() noexcept { return &m_uPtr; } private: - void m_requestConfiguration(const CallContext& cc); + void m_requestConfiguration(const CallContext &cc); ZT_VirtualNetworkStatus m_status() const; - void m_externalConfig(ZT_VirtualNetworkConfig* ec) const; // assumes _lock is locked - void m_announceMulticastGroups(void* tPtr, bool force); - void m_announceMulticastGroupsTo(void* tPtr, const Address& peer, const Vector& allMulticastGroups); + void m_externalConfig(ZT_VirtualNetworkConfig *ec) const; // assumes _lock is locked + void m_announceMulticastGroups(void *tPtr, bool force); + void m_announceMulticastGroupsTo(void *tPtr, const Address &peer, const Vector &allMulticastGroups); Vector m_allMulticastGroups() const; - const Context& m_ctx; - void* m_uPtr; + const Context &m_ctx; + void *m_uPtr; const uint64_t m_id; Fingerprint m_controllerFingerprint; MAC m_mac; // local MAC address @@ -367,13 +326,18 @@ class Network { Vector m_myMulticastGroups; // multicast groups that we belong to (according to tap) Map m_multicastGroupsBehindMe; // multicast groups that seem to be behind us and when we // last saw them (if we are a bridge) - Map m_remoteBridgeRoutes; // remote addresses where given MACs are reachable (for tracking devices - // behind remote bridges) + Map m_remoteBridgeRoutes; // remote addresses where given MACs are reachable (for tracking devices + // behind remote bridges) NetworkConfig m_config; std::atomic m_lastConfigUpdate; - volatile enum { NETCONF_FAILURE_NONE, NETCONF_FAILURE_ACCESS_DENIED, NETCONF_FAILURE_NOT_FOUND, NETCONF_FAILURE_INIT_FAILED } _netconfFailure; + volatile enum { + NETCONF_FAILURE_NONE, + NETCONF_FAILURE_ACCESS_DENIED, + NETCONF_FAILURE_NOT_FOUND, + NETCONF_FAILURE_INIT_FAILED + } _netconfFailure; Map m_memberships; diff --git a/core/NetworkConfig.cpp b/core/NetworkConfig.cpp index 9cd6d480c..b30606fe6 100644 --- a/core/NetworkConfig.cpp +++ b/core/NetworkConfig.cpp @@ -21,7 +21,7 @@ namespace ZeroTier { -bool NetworkConfig::toDictionary(Dictionary& d) const +bool NetworkConfig::toDictionary(Dictionary &d) const { uint8_t tmp[ZT_BUF_MEM_SIZE]; try { @@ -31,8 +31,9 @@ bool NetworkConfig::toDictionary(Dictionary& d) const d.add(ZT_NETWORKCONFIG_DICT_KEY_TIMESTAMP, this->timestamp); d.add(ZT_NETWORKCONFIG_DICT_KEY_CREDENTIAL_TIME_MAX_DELTA, this->credentialTimeMaxDelta); d.add(ZT_NETWORKCONFIG_DICT_KEY_REVISION, this->revision); - d.add(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO, this->issuedTo.toString((char*)tmp)); - d.add(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO_IDENTITY_HASH, this->issuedToFingerprintHash, ZT_FINGERPRINT_HASH_SIZE); + d.add(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO, this->issuedTo.toString((char *)tmp)); + d.add( + ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO_IDENTITY_HASH, this->issuedToFingerprintHash, ZT_FINGERPRINT_HASH_SIZE); d.add(ZT_NETWORKCONFIG_DICT_KEY_FLAGS, this->flags); d.add(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_LIMIT, (uint64_t)this->multicastLimit); d.add(ZT_NETWORKCONFIG_DICT_KEY_TYPE, (uint64_t)this->type); @@ -43,7 +44,7 @@ bool NetworkConfig::toDictionary(Dictionary& d) const d.add(ZT_NETWORKCONFIG_DICT_KEY_COM, tmp, this->com.marshal(tmp)); } - Vector* blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_CAPABILITIES]); + Vector *blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_CAPABILITIES]); for (unsigned int i = 0; i < this->capabilityCount; ++i) { int l = this->capabilities[i].marshal(tmp); if (l < 0) @@ -108,29 +109,29 @@ bool NetworkConfig::toDictionary(Dictionary& d) const return false; } -bool NetworkConfig::fromDictionary(const Dictionary& d) +bool NetworkConfig::fromDictionary(const Dictionary &d) { static const NetworkConfig NIL_NC; try { *this = NIL_NC; this->networkId = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_NETWORK_ID, 0); - if (! this->networkId) + if (!this->networkId) return false; this->timestamp = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_TIMESTAMP, 0); if (this->timestamp <= 0) return false; this->credentialTimeMaxDelta = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_CREDENTIAL_TIME_MAX_DELTA, 0); - this->revision = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_REVISION, 0); - this->issuedTo = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO, 0); - const Vector* blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO_IDENTITY_HASH]); + this->revision = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_REVISION, 0); + this->issuedTo = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO, 0); + const Vector *blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_ISSUED_TO_IDENTITY_HASH]); if (blob->size() == ZT_FINGERPRINT_HASH_SIZE) { Utils::copy(this->issuedToFingerprintHash, blob->data()); } else { Utils::zero(this->issuedToFingerprintHash); } - if (! this->issuedTo) + if (!this->issuedTo) return false; this->multicastLimit = (unsigned int)d.getUI(ZT_NETWORKCONFIG_DICT_KEY_MULTICAST_LIMIT, 0); d.getS(ZT_NETWORKCONFIG_DICT_KEY_NAME, this->name, sizeof(this->name)); @@ -145,16 +146,17 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } else { this->flags = d.getUI(ZT_NETWORKCONFIG_DICT_KEY_FLAGS, 0); - this->type = (ZT_VirtualNetworkType)d.getUI(ZT_NETWORKCONFIG_DICT_KEY_TYPE, (uint64_t)ZT_NETWORK_TYPE_PRIVATE); + this->type = + (ZT_VirtualNetworkType)d.getUI(ZT_NETWORKCONFIG_DICT_KEY_TYPE, (uint64_t)ZT_NETWORK_TYPE_PRIVATE); blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_COM]); - if (! blob->empty()) { + if (!blob->empty()) { if (this->com.unmarshal(blob->data(), (int)(blob->size()) < 0)) return false; } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_CAPABILITIES]); - if (! blob->empty()) { + if (!blob->empty()) { try { unsigned int p = 0; while (p < blob->size()) { @@ -173,7 +175,7 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_TAGS]); - if (! blob->empty()) { + if (!blob->empty()) { try { unsigned int p = 0; while (p < blob->size()) { @@ -192,7 +194,7 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATES_OF_OWNERSHIP]); - if (! blob->empty()) { + if (!blob->empty()) { try { unsigned int p = 0; while (p < blob->size()) { @@ -207,11 +209,13 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } catch (...) { } - std::sort(&(this->certificatesOfOwnership[0]), &(this->certificatesOfOwnership[this->certificateOfOwnershipCount])); + std::sort( + &(this->certificatesOfOwnership[0]), + &(this->certificatesOfOwnership[this->certificateOfOwnershipCount])); } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_SPECIALISTS]); - if (! blob->empty()) { + if (!blob->empty()) { unsigned int p = 0; while (((p + 8) <= blob->size()) && (specialistCount < ZT_MAX_NETWORK_SPECIALISTS)) { this->specialists[this->specialistCount++] = Utils::loadBigEndian(blob->data() + p); @@ -220,16 +224,18 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_ROUTES]); - if (! blob->empty()) { + if (!blob->empty()) { unsigned int p = 0; while ((p < blob->size()) && (routeCount < ZT_MAX_NETWORK_ROUTES)) { - int l = asInetAddress(this->routes[this->routeCount].target).unmarshal(blob->data(), (int)(blob->size() - p)); + int l = asInetAddress(this->routes[this->routeCount].target) + .unmarshal(blob->data(), (int)(blob->size() - p)); if (l < 0) return false; p += l; if (p >= blob->size()) return false; - l = asInetAddress(this->routes[this->routeCount].via).unmarshal(blob->data(), (int)(blob->size() - p)); + l = asInetAddress(this->routes[this->routeCount].via) + .unmarshal(blob->data(), (int)(blob->size() - p)); if (l < 0) return false; p += l; @@ -244,7 +250,7 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_STATIC_IPS]); - if (! blob->empty()) { + if (!blob->empty()) { unsigned int p = 0; while ((p < blob->size()) && (staticIpCount < ZT_MAX_ZT_ASSIGNED_ADDRESSES)) { int l = this->staticIps[this->staticIpCount].unmarshal(blob->data() + p, (int)(blob->size() - p)); @@ -256,9 +262,11 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) } blob = &(d[ZT_NETWORKCONFIG_DICT_KEY_RULES]); - if (! blob->empty()) { + if (!blob->empty()) { this->ruleCount = 0; - if (CapabilityCredential::unmarshalVirtualNetworkRules(blob->data(), (int)blob->size(), this->rules, this->ruleCount, ZT_MAX_NETWORK_RULES) < 0) + if (CapabilityCredential::unmarshalVirtualNetworkRules( + blob->data(), (int)blob->size(), this->rules, this->ruleCount, ZT_MAX_NETWORK_RULES) + < 0) return false; } } @@ -270,7 +278,7 @@ bool NetworkConfig::fromDictionary(const Dictionary& d) return false; } -bool NetworkConfig::addSpecialist(const Address& a, const uint64_t f) noexcept +bool NetworkConfig::addSpecialist(const Address &a, const uint64_t f) noexcept { const uint64_t aint = a.toInt(); for (unsigned int i = 0; i < specialistCount; ++i) { diff --git a/core/NetworkConfig.hpp b/core/NetworkConfig.hpp index fdc968af4..74f8717ec 100644 --- a/core/NetworkConfig.hpp +++ b/core/NetworkConfig.hpp @@ -156,7 +156,7 @@ struct NetworkConfig : TriviallyCopyable { * @param d Dictionary * @return True if dictionary was successfully created, false if e.g. overflow */ - bool toDictionary(Dictionary& d) const; + bool toDictionary(Dictionary &d) const; /** * Read this network config from a dictionary @@ -164,7 +164,7 @@ struct NetworkConfig : TriviallyCopyable { * @param d Dictionary (non-const since it might be modified during parse, should not be used after call) * @return True if dictionary was valid and network config successfully initialized */ - bool fromDictionary(const Dictionary& d); + bool fromDictionary(const Dictionary &d); /** * @return True if broadcast (ff:ff:ff:ff:ff:ff) address should work on this network @@ -185,27 +185,22 @@ struct NetworkConfig : TriviallyCopyable { /** * @return Network type is public (no access control) */ - ZT_INLINE bool isPublic() const noexcept - { - return (this->type == ZT_NETWORK_TYPE_PUBLIC); - } + ZT_INLINE bool isPublic() const noexcept { return (this->type == ZT_NETWORK_TYPE_PUBLIC); } /** * @return Network type is private (certificate access control) */ - ZT_INLINE bool isPrivate() const noexcept - { - return (this->type == ZT_NETWORK_TYPE_PRIVATE); - } + ZT_INLINE bool isPrivate() const noexcept { return (this->type == ZT_NETWORK_TYPE_PRIVATE); } /** * @param fromPeer Peer attempting to bridge other Ethernet peers onto network * @return True if this network allows bridging */ - ZT_INLINE bool permitsBridging(const Address& fromPeer) const noexcept + ZT_INLINE bool permitsBridging(const Address &fromPeer) const noexcept { for (unsigned int i = 0; i < specialistCount; ++i) { - if ((fromPeer.toInt() == (specialists[i] & ZT_ADDRESS_MASK)) && ((specialists[i] & ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE) != 0)) + if ((fromPeer.toInt() == (specialists[i] & ZT_ADDRESS_MASK)) + && ((specialists[i] & ZT_NETWORKCONFIG_SPECIALIST_TYPE_ACTIVE_BRIDGE) != 0)) return true; } return false; @@ -215,15 +210,12 @@ struct NetworkConfig : TriviallyCopyable { { return (networkId != 0); } // NOLINT(google-explicit-constructor,hicpp-explicit-conversions) - ZT_INLINE bool operator==(const NetworkConfig& nc) const noexcept + ZT_INLINE bool operator==(const NetworkConfig &nc) const noexcept { return (memcmp(this, &nc, sizeof(NetworkConfig)) == 0); } - ZT_INLINE bool operator!=(const NetworkConfig& nc) const noexcept - { - return (! (*this == nc)); - } + ZT_INLINE bool operator!=(const NetworkConfig &nc) const noexcept { return (!(*this == nc)); } /** * Add a specialist or mask flags if already present @@ -235,9 +227,9 @@ struct NetworkConfig : TriviallyCopyable { * @param f Flags (OR of specialist role/type flags) * @return True if successfully masked or added */ - bool addSpecialist(const Address& a, uint64_t f) noexcept; + bool addSpecialist(const Address &a, uint64_t f) noexcept; - ZT_INLINE const CapabilityCredential* capability(const uint32_t id) const + ZT_INLINE const CapabilityCredential *capability(const uint32_t id) const { for (unsigned int i = 0; i < capabilityCount; ++i) { if (capabilities[i].id() == id) @@ -246,7 +238,7 @@ struct NetworkConfig : TriviallyCopyable { return nullptr; } - ZT_INLINE const TagCredential* tag(const uint32_t id) const + ZT_INLINE const TagCredential *tag(const uint32_t id) const { for (unsigned int i = 0; i < tagCount; ++i) { if (tags[i].id() == id) diff --git a/core/NetworkController.hpp b/core/NetworkController.hpp index 8fb454d2e..02b301b53 100644 --- a/core/NetworkController.hpp +++ b/core/NetworkController.hpp @@ -30,7 +30,12 @@ struct InetAddress; */ class NetworkController { public: - enum ErrorCode { NC_ERROR_NONE = 0, NC_ERROR_OBJECT_NOT_FOUND = 1, NC_ERROR_ACCESS_DENIED = 2, NC_ERROR_INTERNAL_SERVER_ERROR = 3 }; + enum ErrorCode { + NC_ERROR_NONE = 0, + NC_ERROR_OBJECT_NOT_FOUND = 1, + NC_ERROR_ACCESS_DENIED = 2, + NC_ERROR_INTERNAL_SERVER_ERROR = 3 + }; /** * Interface for sender used to send pushes and replies @@ -47,7 +52,9 @@ class NetworkController { * @param nc Network configuration to send * @param sendLegacyFormatConfig If true, send an old-format network config */ - virtual void ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, const NetworkConfig& nc, bool sendLegacyFormatConfig) = 0; + virtual void ncSendConfig( + void *tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, + const Address &destination, const NetworkConfig &nc, bool sendLegacyFormatConfig) = 0; /** * Send revocation to a node @@ -55,7 +62,8 @@ class NetworkController { * @param destination Destination node address * @param rev Revocation to send */ - virtual void ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Address& destination, const RevocationCredential& rev) = 0; + virtual void ncSendRevocation( + void *tPtr, int64_t clock, int64_t ticks, const Address &destination, const RevocationCredential &rev) = 0; /** * Send a network configuration request error @@ -65,15 +73,13 @@ class NetworkController { * @param destination Destination peer Address * @param errorCode Error code */ - virtual void ncSendError(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, NetworkController::ErrorCode errorCode) = 0; + virtual void ncSendError( + void *tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, + const Address &destination, NetworkController::ErrorCode errorCode) = 0; }; - NetworkController() - { - } - virtual ~NetworkController() - { - } + NetworkController() {} + virtual ~NetworkController() {} /** * Called when this is added to a Node to initialize and supply info @@ -81,7 +87,7 @@ class NetworkController { * @param signingId Identity for signing of network configurations, certs, etc. * @param sender Sender implementation for sending replies or config pushes */ - virtual void init(const Identity& signingId, Sender* sender) = 0; + virtual void init(const Identity &signingId, Sender *sender) = 0; /** * Handle a network configuration request @@ -93,7 +99,9 @@ class NetworkController { * @param metaData Meta-data bundled with request (if any) * @return Returns NETCONF_QUERY_OK if result 'nc' is valid, or an error code on error */ - virtual void request(uint64_t nwid, const InetAddress& fromAddr, uint64_t requestPacketId, const Identity& identity, const Dictionary& metaData) = 0; + virtual void request( + uint64_t nwid, const InetAddress &fromAddr, uint64_t requestPacketId, const Identity &identity, + const Dictionary &metaData) = 0; }; } // namespace ZeroTier diff --git a/core/Node.cpp b/core/Node.cpp index 256ca3543..441a36615 100644 --- a/core/Node.cpp +++ b/core/Node.cpp @@ -35,19 +35,27 @@ namespace ZeroTier { namespace { struct _NodeObjects { - ZT_INLINE _NodeObjects(Context& ctx, const CallContext& cc) : networks(), t(ctx), expect(), vl2(ctx), vl1(ctx), topology(ctx, cc), sa(ctx), ts() + ZT_INLINE _NodeObjects(Context &ctx, const CallContext &cc) + : networks() + , t(ctx) + , expect() + , vl2(ctx) + , vl1(ctx) + , topology(ctx, cc) + , sa(ctx) + , ts() { ctx.networks = &networks; - ctx.t = &t; - ctx.expect = &expect; - ctx.vl2 = &vl2; - ctx.vl1 = &vl1; + ctx.t = &t; + ctx.expect = &expect; + ctx.vl2 = &vl2; + ctx.vl1 = &vl1; ctx.topology = &topology; - ctx.sa = &sa; - ctx.ts = &ts; + ctx.sa = &sa; + ctx.ts = &ts; } - TinyMap > networks; + TinyMap> networks; Trace t; Expect expect; VL2 vl2; @@ -59,7 +67,7 @@ struct _NodeObjects { } // anonymous namespace -Node::Node(void* uPtr, const struct ZT_Node_Callbacks* callbacks, const CallContext& cc) +Node::Node(void *uPtr, const struct ZT_Node_Callbacks *callbacks, const CallContext &cc) : m_ctx(this) , m_store(m_ctx) , m_objects(nullptr) @@ -72,14 +80,14 @@ Node::Node(void* uPtr, const struct ZT_Node_Callbacks* callbacks, const CallCont ZT_SPEW("Node starting up!"); Utils::copy(&m_ctx.cb, callbacks); - m_ctx.uPtr = uPtr; + m_ctx.uPtr = uPtr; m_ctx.store = &m_store; Vector data(m_store.get(cc, ZT_STATE_OBJECT_IDENTITY_SECRET, Utils::ZERO256, 0)); bool haveIdentity = false; - if (! data.empty()) { + if (!data.empty()) { data.push_back(0); // zero-terminate string - if (m_ctx.identity.fromString((const char*)data.data())) { + if (m_ctx.identity.fromString((const char *)data.data())) { m_ctx.identity.toString(false, m_ctx.publicIdentityStr); m_ctx.identity.toString(true, m_ctx.secretIdentityStr); haveIdentity = true; @@ -87,18 +95,24 @@ Node::Node(void* uPtr, const struct ZT_Node_Callbacks* callbacks, const CallCont } } - if (! haveIdentity) { + if (!haveIdentity) { m_ctx.identity.generate(Identity::C25519); m_ctx.identity.toString(false, m_ctx.publicIdentityStr); m_ctx.identity.toString(true, m_ctx.secretIdentityStr); - m_store.put(cc, ZT_STATE_OBJECT_IDENTITY_SECRET, Utils::ZERO256, 0, m_ctx.secretIdentityStr, (unsigned int)strlen(m_ctx.secretIdentityStr)); - m_store.put(cc, ZT_STATE_OBJECT_IDENTITY_PUBLIC, Utils::ZERO256, 0, m_ctx.publicIdentityStr, (unsigned int)strlen(m_ctx.publicIdentityStr)); + m_store.put( + cc, ZT_STATE_OBJECT_IDENTITY_SECRET, Utils::ZERO256, 0, m_ctx.secretIdentityStr, + (unsigned int)strlen(m_ctx.secretIdentityStr)); + m_store.put( + cc, ZT_STATE_OBJECT_IDENTITY_PUBLIC, Utils::ZERO256, 0, m_ctx.publicIdentityStr, + (unsigned int)strlen(m_ctx.publicIdentityStr)); ZT_SPEW("no pre-existing identity found, created %s", m_ctx.identity.toString().c_str()); } else { data = m_store.get(cc, ZT_STATE_OBJECT_IDENTITY_PUBLIC, Utils::ZERO256, 0); if ((data.empty()) || (memcmp(data.data(), m_ctx.publicIdentityStr, strlen(m_ctx.publicIdentityStr)) != 0)) - m_store.put(cc, ZT_STATE_OBJECT_IDENTITY_PUBLIC, Utils::ZERO256, 0, m_ctx.publicIdentityStr, (unsigned int)strlen(m_ctx.publicIdentityStr)); + m_store.put( + cc, ZT_STATE_OBJECT_IDENTITY_PUBLIC, Utils::ZERO256, 0, m_ctx.publicIdentityStr, + (unsigned int)strlen(m_ctx.publicIdentityStr)); } uint8_t localSecretCipherKey[ZT_FINGERPRINT_HASH_SIZE]; @@ -110,11 +124,11 @@ Node::Node(void* uPtr, const struct ZT_Node_Callbacks* callbacks, const CallCont for (unsigned int i = 0; i < 1023; ++i) m_ctx.randomPrivilegedPortOrder[i] = (uint16_t)(i + 1); for (unsigned int i = 0; i < 512; ++i) { - uint64_t rn = Utils::random(); + uint64_t rn = Utils::random(); const unsigned int a = (unsigned int)rn % 1023; const unsigned int b = (unsigned int)(rn >> 32U) % 1023; if (a != b) { - const uint16_t tmp = m_ctx.randomPrivilegedPortOrder[a]; + const uint16_t tmp = m_ctx.randomPrivilegedPortOrder[a]; m_ctx.randomPrivilegedPortOrder[a] = m_ctx.randomPrivilegedPortOrder[b]; m_ctx.randomPrivilegedPortOrder[b] = tmp; } @@ -135,7 +149,7 @@ Node::~Node() m_allNetworks.clear(); m_allNetworks_l.unlock(); - delete reinterpret_cast<_NodeObjects*>(m_objects); + delete reinterpret_cast<_NodeObjects *>(m_objects); // Let go of cached Buf objects. If other nodes happen to be running in this // same process space new Bufs will be allocated as needed, but this is almost @@ -144,7 +158,7 @@ Node::~Node() Buf::freePool(); } -void Node::shutdown(const CallContext& cc) +void Node::shutdown(const CallContext &cc) { m_allNetworks_l.lock(); m_ctx.networks->clear(); @@ -157,7 +171,7 @@ void Node::shutdown(const CallContext& cc) m_ctx.topology->saveAll(cc); } -ZT_ResultCode Node::processBackgroundTasks(const CallContext& cc, volatile int64_t* nextBackgroundTaskDeadline) +ZT_ResultCode Node::processBackgroundTasks(const CallContext &cc, volatile int64_t *nextBackgroundTaskDeadline) { Mutex::Lock bl(m_backgroundTasksLock); @@ -176,7 +190,7 @@ ZT_ResultCode Node::processBackgroundTasks(const CallContext& cc, volatile int64 m_lastNetworkHousekeepingRun = cc.ticks; ZT_SPEW("running networking housekeeping..."); Mutex::Lock l(m_allNetworks_l); - for (Vector >::const_iterator n(m_allNetworks.begin()); n != m_allNetworks.end(); ++n) + for (Vector>::const_iterator n(m_allNetworks.begin()); n != m_allNetworks.end(); ++n) (*n)->doPeriodicTasks(cc); } @@ -196,15 +210,17 @@ ZT_ResultCode Node::processBackgroundTasks(const CallContext& cc, volatile int64 m_lastPeerPulse = cc.ticks; ZT_SPEW("running pulse() on each peer..."); try { - Vector > allPeers, rootPeers; + Vector> allPeers, rootPeers; m_ctx.topology->allPeers(allPeers, rootPeers); std::sort(rootPeers.begin(), rootPeers.end()); bool online = false; - for (Vector >::iterator p(allPeers.begin()); p != allPeers.end(); ++p) { + for (Vector>::iterator p(allPeers.begin()); p != allPeers.end(); ++p) { (*p)->pulse(m_ctx, cc); - if (! online) { - online = ((std::binary_search(rootPeers.begin(), rootPeers.end(), *p) || rootPeers.empty()) && (*p)->directlyConnected()); + if (!online) { + online = + ((std::binary_search(rootPeers.begin(), rootPeers.end(), *p) || rootPeers.empty()) + && (*p)->directlyConnected()); } } @@ -228,7 +244,7 @@ ZT_ResultCode Node::processBackgroundTasks(const CallContext& cc, volatile int64 return ZT_RESULT_OK; } -ZT_ResultCode Node::join(uint64_t nwid, const ZT_Fingerprint* controllerFingerprint, void* uptr, const CallContext& cc) +ZT_ResultCode Node::join(uint64_t nwid, const ZT_Fingerprint *controllerFingerprint, void *uptr, const CallContext &cc) { Mutex::Lock l(m_allNetworks_l); @@ -241,7 +257,7 @@ ZT_ResultCode Node::join(uint64_t nwid, const ZT_Fingerprint* controllerFingerpr ZT_SPEW("joining network %.16llx", nwid); } - for (Vector >::iterator n(m_allNetworks.begin()); n != m_allNetworks.end(); ++n) { + for (Vector>::iterator n(m_allNetworks.begin()); n != m_allNetworks.end(); ++n) { if ((*n)->id() == nwid) return ZT_RESULT_OK; } @@ -252,7 +268,7 @@ ZT_ResultCode Node::join(uint64_t nwid, const ZT_Fingerprint* controllerFingerpr return ZT_RESULT_OK; } -ZT_ResultCode Node::leave(uint64_t nwid, void** uptr, const CallContext& cc) +ZT_ResultCode Node::leave(uint64_t nwid, void **uptr, const CallContext &cc) { Mutex::Lock l(m_allNetworks_l); @@ -261,7 +277,7 @@ ZT_ResultCode Node::leave(uint64_t nwid, void** uptr, const CallContext& cc) SharedPtr network; m_ctx.networks->erase(nwid); - for (Vector >::iterator n(m_allNetworks.begin()); n != m_allNetworks.end(); ++n) { + for (Vector>::iterator n(m_allNetworks.begin()); n != m_allNetworks.end(); ++n) { if ((*n)->id() == nwid) { network.move(*n); m_allNetworks.erase(n); @@ -278,7 +294,9 @@ ZT_ResultCode Node::leave(uint64_t nwid, void** uptr, const CallContext& cc) if (uptr) *uptr = *network->userPtr(); network->externalConfig(&ctmp); - m_ctx.cb.virtualNetworkConfigFunction(reinterpret_cast(this), m_ctx.uPtr, cc.tPtr, nwid, network->userPtr(), ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY, &ctmp); + m_ctx.cb.virtualNetworkConfigFunction( + reinterpret_cast(this), m_ctx.uPtr, cc.tPtr, nwid, network->userPtr(), + ZT_VIRTUAL_NETWORK_CONFIG_OPERATION_DESTROY, &ctmp); network->destroy(); return ZT_RESULT_OK; } @@ -287,7 +305,8 @@ ZT_ResultCode Node::leave(uint64_t nwid, void** uptr, const CallContext& cc) } } -ZT_ResultCode Node::multicastSubscribe(const CallContext& cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi) +ZT_ResultCode +Node::multicastSubscribe(const CallContext &cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi) { ZT_SPEW("multicast subscribe to %s:%lu", MAC(multicastGroup).toString().c_str(), multicastAdi); const SharedPtr nw(m_ctx.networks->get(nwid)); @@ -300,7 +319,8 @@ ZT_ResultCode Node::multicastSubscribe(const CallContext& cc, uint64_t nwid, uin } } -ZT_ResultCode Node::multicastUnsubscribe(const CallContext& cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi) +ZT_ResultCode +Node::multicastUnsubscribe(const CallContext &cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi) { ZT_SPEW("multicast unsubscribe from %s:%lu", MAC(multicastGroup).toString().c_str(), multicastAdi); const SharedPtr nw(m_ctx.networks->get(nwid)); @@ -313,114 +333,114 @@ ZT_ResultCode Node::multicastUnsubscribe(const CallContext& cc, uint64_t nwid, u } } -void Node::status(ZT_NodeStatus* status) const +void Node::status(ZT_NodeStatus *status) const { - status->address = m_ctx.identity.address().toInt(); - status->identity = reinterpret_cast(&m_ctx.identity); + status->address = m_ctx.identity.address().toInt(); + status->identity = reinterpret_cast(&m_ctx.identity); status->publicIdentity = m_ctx.publicIdentityStr; status->secretIdentity = m_ctx.secretIdentityStr; - status->online = m_online ? 1 : 0; + status->online = m_online ? 1 : 0; } struct p_ZT_PeerListPrivate : public ZT_PeerList { // Actual containers for the memory, hidden from external users. Vector p_peers; - ForwardList > p_paths; + ForwardList> p_paths; ForwardList p_identities; - ForwardList > p_locators; + ForwardList> p_locators; }; -static void p_peerListFreeFunction(const void* pl) +static void p_peerListFreeFunction(const void *pl) { if (pl) - delete reinterpret_cast(const_cast(pl)); + delete reinterpret_cast(const_cast(pl)); } struct p_sortPeerPtrsByAddress { - ZT_INLINE bool operator()(const SharedPtr& a, const SharedPtr& b) const noexcept + ZT_INLINE bool operator()(const SharedPtr &a, const SharedPtr &b) const noexcept { return (a->address() < b->address()); } }; -ZT_PeerList* Node::peers(const CallContext& cc) const +ZT_PeerList *Node::peers(const CallContext &cc) const { - p_ZT_PeerListPrivate* pl = nullptr; + p_ZT_PeerListPrivate *pl = nullptr; try { - pl = new p_ZT_PeerListPrivate; + pl = new p_ZT_PeerListPrivate; pl->freeFunction = p_peerListFreeFunction; - Vector > peers, rootPeers; + Vector> peers, rootPeers; m_ctx.topology->allPeers(peers, rootPeers); std::sort(peers.begin(), peers.end(), p_sortPeerPtrsByAddress()); std::sort(rootPeers.begin(), rootPeers.end()); - for (Vector >::iterator pi(peers.begin()); pi != peers.end(); ++pi) { + for (Vector>::iterator pi(peers.begin()); pi != peers.end(); ++pi) { pl->p_peers.push_back(ZT_Peer()); - ZT_Peer& p = pl->p_peers.back(); - Peer& pp = **pi; + ZT_Peer &p = pl->p_peers.back(); + Peer &pp = **pi; p.address = pp.address(); pl->p_identities.push_front(pp.identity()); - p.identity = reinterpret_cast(&(pl->p_identities.front())); + p.identity = reinterpret_cast(&(pl->p_identities.front())); p.fingerprint = &(pl->p_identities.front().fingerprint()); uint16_t vProto, vMajor, vMinor, vRevision; if (pp.remoteVersion(vProto, vMajor, vMinor, vRevision)) { p.versionMajor = (int)vMajor; p.versionMinor = (int)vMinor; - p.versionRev = (int)vRevision; + p.versionRev = (int)vRevision; p.versionProto = (int)vProto; } else { p.versionMajor = -1; p.versionMinor = -1; - p.versionRev = -1; + p.versionRev = -1; p.versionProto = -1; } p.latency = pp.latency(); - p.root = std::binary_search(rootPeers.begin(), rootPeers.end(), *pi) ? 1 : 0; + p.root = std::binary_search(rootPeers.begin(), rootPeers.end(), *pi) ? 1 : 0; - p.networks = nullptr; + p.networks = nullptr; p.networkCount = 0; // TODO: networks this peer belongs to - Vector > ztPaths; + Vector> ztPaths; pp.getAllPaths(ztPaths); if (ztPaths.empty()) { pl->p_paths.push_front(Vector()); - std::vector& apiPaths = pl->p_paths.front(); + std::vector &apiPaths = pl->p_paths.front(); apiPaths.resize(ztPaths.size()); for (unsigned long i = 0; i < (unsigned long)ztPaths.size(); ++i) { - SharedPtr& ztp = ztPaths[i]; - ZT_Path& apip = apiPaths[i]; - apip.endpoint.type = ZT_ENDPOINT_TYPE_IP_UDP; + SharedPtr &ztp = ztPaths[i]; + ZT_Path &apip = apiPaths[i]; + apip.endpoint.type = ZT_ENDPOINT_TYPE_IP_UDP; Utils::copy(&(apip.endpoint.value.ss), &(ztp->address().as.ss)); - apip.lastSend = ztp->lastOut(); + apip.lastSend = ztp->lastOut(); apip.lastReceive = ztp->lastIn(); - apip.alive = ztp->alive(cc) ? 1 : 0; - apip.preferred = (i == 0) ? 1 : 0; + apip.alive = ztp->alive(cc) ? 1 : 0; + apip.preferred = (i == 0) ? 1 : 0; } - p.paths = apiPaths.data(); + p.paths = apiPaths.data(); p.pathCount = (unsigned int)apiPaths.size(); } else { - p.paths = nullptr; + p.paths = nullptr; p.pathCount = 0; } const SharedPtr loc(pp.locator()); if (loc) { pl->p_locators.push_front(Blob()); - Blob& lb = pl->p_locators.front(); + Blob &lb = pl->p_locators.front(); Utils::zero(lb.data); const int ls = loc->marshal(lb.data); if (ls > 0) { p.locatorSize = (unsigned int)ls; - p.locator = lb.data; + p.locator = lb.data; } } } - pl->peers = pl->p_peers.data(); + pl->peers = pl->p_peers.data(); pl->peerCount = (unsigned long)pl->p_peers.size(); return pl; @@ -431,11 +451,11 @@ ZT_PeerList* Node::peers(const CallContext& cc) const } } -ZT_VirtualNetworkConfig* Node::networkConfig(uint64_t nwid) const +ZT_VirtualNetworkConfig *Node::networkConfig(uint64_t nwid) const { const SharedPtr nw(m_ctx.networks->get(nwid)); if (nw) { - ZT_VirtualNetworkConfig* const nc = (ZT_VirtualNetworkConfig*)::malloc(sizeof(ZT_VirtualNetworkConfig)); + ZT_VirtualNetworkConfig *const nc = (ZT_VirtualNetworkConfig *)::malloc(sizeof(ZT_VirtualNetworkConfig)); nw->externalConfig(nc); return nc; } @@ -444,25 +464,26 @@ ZT_VirtualNetworkConfig* Node::networkConfig(uint64_t nwid) const } } -ZT_VirtualNetworkList* Node::networks() const +ZT_VirtualNetworkList *Node::networks() const { Mutex::Lock l(m_allNetworks_l); - char* const buf = (char*)::malloc(sizeof(ZT_VirtualNetworkList) + (sizeof(ZT_VirtualNetworkConfig) * m_allNetworks.size())); - if (! buf) + char *const buf = + (char *)::malloc(sizeof(ZT_VirtualNetworkList) + (sizeof(ZT_VirtualNetworkConfig) * m_allNetworks.size())); + if (!buf) return nullptr; - ZT_VirtualNetworkList* nl = (ZT_VirtualNetworkList*)buf; - nl->freeFunction = reinterpret_cast(free); - nl->networks = (ZT_VirtualNetworkConfig*)(buf + sizeof(ZT_VirtualNetworkList)); + ZT_VirtualNetworkList *nl = (ZT_VirtualNetworkList *)buf; + nl->freeFunction = reinterpret_cast(free); + nl->networks = (ZT_VirtualNetworkConfig *)(buf + sizeof(ZT_VirtualNetworkList)); nl->networkCount = 0; - for (Vector >::const_iterator i(m_allNetworks.begin()); i != m_allNetworks.end(); ++i) + for (Vector>::const_iterator i(m_allNetworks.begin()); i != m_allNetworks.end(); ++i) (*i)->externalConfig(&(nl->networks[nl->networkCount++])); return nl; } -void Node::setNetworkUserPtr(uint64_t nwid, void* ptr) +void Node::setNetworkUserPtr(uint64_t nwid, void *ptr) { SharedPtr nw(m_ctx.networks->get(nwid)); if (nw) { @@ -472,44 +493,48 @@ void Node::setNetworkUserPtr(uint64_t nwid, void* ptr) } } -void Node::setInterfaceAddresses(const ZT_InterfaceAddress* addrs, unsigned int addrCount) +void Node::setInterfaceAddresses(const ZT_InterfaceAddress *addrs, unsigned int addrCount) { Mutex::Lock _l(m_localInterfaceAddresses_m); m_localInterfaceAddresses.clear(); for (unsigned int i = 0; i < addrCount; ++i) { bool dupe = false; for (unsigned int j = 0; j < i; ++j) { - if (*(reinterpret_cast(&addrs[j].address)) == *(reinterpret_cast(&addrs[i].address))) { + if (*(reinterpret_cast(&addrs[j].address)) + == *(reinterpret_cast(&addrs[i].address))) { dupe = true; break; } } - if (! dupe) + if (!dupe) m_localInterfaceAddresses.push_back(addrs[i]); } } -ZT_CertificateError Node::addCertificate(const CallContext& cc, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize) +ZT_CertificateError Node::addCertificate( + const CallContext &cc, unsigned int localTrust, const ZT_Certificate *cert, const void *certData, + unsigned int certSize) { Certificate c; if (cert) { c = *cert; } else { - if ((! certData) || (! certSize)) + if ((!certData) || (!certSize)) return ZT_CERTIFICATE_ERROR_INVALID_FORMAT; - if (! c.decode(certData, certSize)) + if (!c.decode(certData, certSize)) return ZT_CERTIFICATE_ERROR_INVALID_FORMAT; } m_ctx.ts->add(c, localTrust); m_ctx.ts->update(cc.clock, nullptr); SharedPtr ent(m_ctx.ts->get(c.getSerialNo())); - return (ent) ? ent->error() : ZT_CERTIFICATE_ERROR_INVALID_FORMAT; // should never be null, but if so it means invalid + return (ent) ? ent->error() + : ZT_CERTIFICATE_ERROR_INVALID_FORMAT; // should never be null, but if so it means invalid } -ZT_ResultCode Node::deleteCertificate(const CallContext& cc, const void* serialNo) +ZT_ResultCode Node::deleteCertificate(const CallContext &cc, const void *serialNo) { - if (! serialNo) + if (!serialNo) return ZT_RESULT_ERROR_BAD_PARAMETER; m_ctx.ts->erase(H384(serialNo)); m_ctx.ts->update(-1, nullptr); @@ -517,45 +542,51 @@ ZT_ResultCode Node::deleteCertificate(const CallContext& cc, const void* serialN } struct p_certificateListInternal { - Vector > entries; - Vector c; + Vector> entries; + Vector c; Vector t; }; -static void p_freeCertificateList(const void* cl) +static void p_freeCertificateList(const void *cl) { if (cl) { - reinterpret_cast(reinterpret_cast(cl) + sizeof(ZT_CertificateList))->~p_certificateListInternal(); - free(const_cast(cl)); + reinterpret_cast( + reinterpret_cast(cl) + sizeof(ZT_CertificateList)) + ->~p_certificateListInternal(); + free(const_cast(cl)); } } -ZT_CertificateList* Node::listCertificates() +ZT_CertificateList *Node::listCertificates() { - ZT_CertificateList* const cl = (ZT_CertificateList*)malloc(sizeof(ZT_CertificateList) + sizeof(p_certificateListInternal)); - if (! cl) + ZT_CertificateList *const cl = + (ZT_CertificateList *)malloc(sizeof(ZT_CertificateList) + sizeof(p_certificateListInternal)); + if (!cl) return nullptr; - p_certificateListInternal* const clint = reinterpret_cast(reinterpret_cast(cl) + sizeof(ZT_CertificateList)); + p_certificateListInternal *const clint = + reinterpret_cast(reinterpret_cast(cl) + sizeof(ZT_CertificateList)); new (clint) p_certificateListInternal; clint->entries = m_ctx.ts->all(false); clint->c.reserve(clint->entries.size()); clint->t.reserve(clint->entries.size()); - for (Vector >::const_iterator i(clint->entries.begin()); i != clint->entries.end(); ++i) { + for (Vector>::const_iterator i(clint->entries.begin()); i != clint->entries.end(); + ++i) { clint->c.push_back(&((*i)->certificate())); clint->t.push_back((*i)->localTrust()); } cl->freeFunction = p_freeCertificateList; - cl->certs = clint->c.data(); - cl->localTrust = clint->t.data(); - cl->certCount = (unsigned long)clint->c.size(); + cl->certs = clint->c.data(); + cl->localTrust = clint->t.data(); + cl->certCount = (unsigned long)clint->c.size(); return cl; } -int Node::sendUserMessage(const CallContext& cc, uint64_t dest, uint64_t /*typeId*/, const void* /*data*/, unsigned int /*len*/) +int Node::sendUserMessage( + const CallContext &cc, uint64_t dest, uint64_t /*typeId*/, const void * /*data*/, unsigned int /*len*/) { try { if (m_ctx.identity.address().toInt() != dest) { @@ -575,18 +606,18 @@ int Node::sendUserMessage(const CallContext& cc, uint64_t dest, uint64_t /*typeI return 0; } -void Node::setController(void* networkControllerInstance) +void Node::setController(void *networkControllerInstance) { - m_ctx.localNetworkController = reinterpret_cast(networkControllerInstance); + m_ctx.localNetworkController = reinterpret_cast(networkControllerInstance); if (networkControllerInstance) m_ctx.localNetworkController->init(m_ctx.identity, this); } -bool Node::filterPotentialPath(void* tPtr, const Identity& id, int64_t localSocket, const InetAddress& remoteAddress) +bool Node::filterPotentialPath(void *tPtr, const Identity &id, int64_t localSocket, const InetAddress &remoteAddress) { { Mutex::Lock l(m_allNetworks_l); - for (Vector >::iterator i(m_allNetworks.begin()); i != m_allNetworks.end(); ++i) { + for (Vector>::iterator i(m_allNetworks.begin()); i != m_allNetworks.end(); ++i) { for (unsigned int k = 0, j = (*i)->config().staticIpCount; k < j; ++k) { if ((*i)->config().staticIps[k].containsAddress(remoteAddress)) return false; @@ -595,27 +626,37 @@ bool Node::filterPotentialPath(void* tPtr, const Identity& id, int64_t localSock } if (m_ctx.cb.pathCheckFunction) { - return (m_ctx.cb.pathCheckFunction(reinterpret_cast(this), m_ctx.uPtr, tPtr, id.address().toInt(), (const ZT_Identity*)&id, localSocket, reinterpret_cast(&remoteAddress)) != 0); + return ( + m_ctx.cb.pathCheckFunction( + reinterpret_cast(this), m_ctx.uPtr, tPtr, id.address().toInt(), (const ZT_Identity *)&id, + localSocket, reinterpret_cast(&remoteAddress)) + != 0); } return true; } -bool Node::externalPathLookup(void* tPtr, const Identity& id, int family, InetAddress& addr) +bool Node::externalPathLookup(void *tPtr, const Identity &id, int family, InetAddress &addr) { if (m_ctx.cb.pathLookupFunction) { - return (m_ctx.cb.pathLookupFunction(reinterpret_cast(this), m_ctx.uPtr, tPtr, id.address().toInt(), reinterpret_cast(&id), family, reinterpret_cast(&addr)) == ZT_RESULT_OK); + return ( + m_ctx.cb.pathLookupFunction( + reinterpret_cast(this), m_ctx.uPtr, tPtr, id.address().toInt(), + reinterpret_cast(&id), family, reinterpret_cast(&addr)) + == ZT_RESULT_OK); } return false; } // Implementation of NetworkController::Sender ------------------------------------------------------------------------ -void Node::ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, const NetworkConfig& nc, bool sendLegacyFormatConfig) +void Node::ncSendConfig( + void *tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address &destination, + const NetworkConfig &nc, bool sendLegacyFormatConfig) { if (destination == m_ctx.identity.address()) { SharedPtr n(m_ctx.networks->get(nwid)); - if (! n) + if (!n) return; CallContext cc(clock, ticks, tPtr); n->setConfiguration(cc, nc, true); @@ -624,7 +665,7 @@ void Node::ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, Dictionary dconf; if (nc.toDictionary(dconf)) { uint64_t configUpdateId = Utils::random(); - if (! configUpdateId) + if (!configUpdateId) ++configUpdateId; Vector ddata; @@ -663,11 +704,12 @@ void Node::ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, } } -void Node::ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Address& destination, const RevocationCredential& rev) +void Node::ncSendRevocation( + void *tPtr, int64_t clock, int64_t ticks, const Address &destination, const RevocationCredential &rev) { if (destination == m_ctx.identity.address()) { SharedPtr n(m_ctx.networks->get(rev.networkId())); - if (! n) + if (!n) return; CallContext cc(clock, ticks, tPtr); n->addCredential(cc, m_ctx.identity, rev); @@ -687,23 +729,20 @@ void Node::ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Addr } } -void Node::ncSendError(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, NetworkController::ErrorCode errorCode) +void Node::ncSendError( + void *tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address &destination, + NetworkController::ErrorCode errorCode) { if (destination == m_ctx.identity.address()) { SharedPtr n(m_ctx.networks->get(nwid)); - if (! n) + if (!n) return; switch (errorCode) { case NetworkController::NC_ERROR_OBJECT_NOT_FOUND: - case NetworkController::NC_ERROR_INTERNAL_SERVER_ERROR: - n->setNotFound(); - break; - case NetworkController::NC_ERROR_ACCESS_DENIED: - n->setAccessDenied(); - break; + case NetworkController::NC_ERROR_INTERNAL_SERVER_ERROR: n->setNotFound(); break; + case NetworkController::NC_ERROR_ACCESS_DENIED: n->setAccessDenied(); break; - default: - break; + default: break; } } else if (requestPacketId) { diff --git a/core/Node.hpp b/core/Node.hpp index 54565616b..ce9df1b32 100644 --- a/core/Node.hpp +++ b/core/Node.hpp @@ -39,53 +39,51 @@ class Node : public NetworkController::Sender { public: // Get rid of alignment warnings on 32-bit Windows #ifdef __WINDOWS__ - void* operator new(size_t i) - { - return _mm_malloc(i, 16); - } - void operator delete(void* p) - { - _mm_free(p); - } + void *operator new(size_t i) { return _mm_malloc(i, 16); } + void operator delete(void *p) { _mm_free(p); } #endif - Node(void* uPtr, const struct ZT_Node_Callbacks* callbacks, const CallContext& cc); + Node(void *uPtr, const struct ZT_Node_Callbacks *callbacks, const CallContext &cc); virtual ~Node(); - void shutdown(const CallContext& cc); + void shutdown(const CallContext &cc); - ZT_ResultCode processBackgroundTasks(const CallContext& cc, volatile int64_t* nextBackgroundTaskDeadline); + ZT_ResultCode processBackgroundTasks(const CallContext &cc, volatile int64_t *nextBackgroundTaskDeadline); - ZT_ResultCode join(uint64_t nwid, const ZT_Fingerprint* controllerFingerprint, void* uptr, const CallContext& cc); + ZT_ResultCode join(uint64_t nwid, const ZT_Fingerprint *controllerFingerprint, void *uptr, const CallContext &cc); - ZT_ResultCode leave(uint64_t nwid, void** uptr, const CallContext& cc); + ZT_ResultCode leave(uint64_t nwid, void **uptr, const CallContext &cc); - ZT_ResultCode multicastSubscribe(const CallContext& cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi); + ZT_ResultCode + multicastSubscribe(const CallContext &cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi); - ZT_ResultCode multicastUnsubscribe(const CallContext& cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi); + ZT_ResultCode + multicastUnsubscribe(const CallContext &cc, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi); - void status(ZT_NodeStatus* status) const; + void status(ZT_NodeStatus *status) const; - ZT_PeerList* peers(const CallContext& cc) const; + ZT_PeerList *peers(const CallContext &cc) const; - ZT_VirtualNetworkConfig* networkConfig(uint64_t nwid) const; + ZT_VirtualNetworkConfig *networkConfig(uint64_t nwid) const; - ZT_VirtualNetworkList* networks() const; + ZT_VirtualNetworkList *networks() const; - void setNetworkUserPtr(uint64_t nwid, void* ptr); + void setNetworkUserPtr(uint64_t nwid, void *ptr); - void setInterfaceAddresses(const ZT_InterfaceAddress* addrs, unsigned int addrCount); + void setInterfaceAddresses(const ZT_InterfaceAddress *addrs, unsigned int addrCount); - ZT_CertificateError addCertificate(const CallContext& cc, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize); + ZT_CertificateError addCertificate( + const CallContext &cc, unsigned int localTrust, const ZT_Certificate *cert, const void *certData, + unsigned int certSize); - ZT_ResultCode deleteCertificate(const CallContext& cc, const void* serialNo); + ZT_ResultCode deleteCertificate(const CallContext &cc, const void *serialNo); - ZT_CertificateList* listCertificates(); + ZT_CertificateList *listCertificates(); - int sendUserMessage(const CallContext& cc, uint64_t dest, uint64_t typeId, const void* data, unsigned int len); + int sendUserMessage(const CallContext &cc, uint64_t dest, uint64_t typeId, const void *data, unsigned int len); - void setController(void* networkControllerInstance); + void setController(void *networkControllerInstance); /** * Post an event via external callback @@ -95,9 +93,10 @@ class Node : public NetworkController::Sender { * @param md Event data or NULL if none * @param mdSize Size of event data */ - ZT_INLINE void postEvent(void* const tPtr, const ZT_Event ev, const void* const md = nullptr, const unsigned int mdSize = 0) noexcept + ZT_INLINE void postEvent( + void *const tPtr, const ZT_Event ev, const void *const md = nullptr, const unsigned int mdSize = 0) noexcept { - m_ctx.cb.eventCallback(reinterpret_cast(this), m_ctx.uPtr, tPtr, ev, md, mdSize); + m_ctx.cb.eventCallback(reinterpret_cast(this), m_ctx.uPtr, tPtr, ev, md, mdSize); } /** @@ -111,7 +110,7 @@ class Node : public NetworkController::Sender { * @param remoteAddress Remote address * @return True if path should be used */ - bool filterPotentialPath(void* tPtr, const Identity& id, int64_t localSocket, const InetAddress& remoteAddress); + bool filterPotentialPath(void *tPtr, const Identity &id, int64_t localSocket, const InetAddress &remoteAddress); /** * Query callback for a physical address for a peer @@ -122,22 +121,21 @@ class Node : public NetworkController::Sender { * @param addr Buffer to store address (result paramter) * @return True if addr was filled with something */ - bool externalPathLookup(void* tPtr, const Identity& id, int family, InetAddress& addr); + bool externalPathLookup(void *tPtr, const Identity &id, int family, InetAddress &addr); - ZT_INLINE const Identity& identity() const noexcept - { - return m_ctx.identity; - } + ZT_INLINE const Identity &identity() const noexcept { return m_ctx.identity; } - ZT_INLINE const Context& context() const noexcept - { - return m_ctx; - } + ZT_INLINE const Context &context() const noexcept { return m_ctx; } // Implementation of NetworkController::Sender interface - virtual void ncSendConfig(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, const NetworkConfig& nc, bool sendLegacyFormatConfig); - virtual void ncSendRevocation(void* tPtr, int64_t clock, int64_t ticks, const Address& destination, const RevocationCredential& rev); - virtual void ncSendError(void* tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address& destination, NetworkController::ErrorCode errorCode); + virtual void ncSendConfig( + void *tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address &destination, + const NetworkConfig &nc, bool sendLegacyFormatConfig); + virtual void ncSendRevocation( + void *tPtr, int64_t clock, int64_t ticks, const Address &destination, const RevocationCredential &rev); + virtual void ncSendError( + void *tPtr, int64_t clock, int64_t ticks, uint64_t nwid, uint64_t requestPacketId, const Address &destination, + NetworkController::ErrorCode errorCode); private: Context m_ctx; @@ -146,10 +144,10 @@ class Node : public NetworkController::Sender { Store m_store; // Pointer to a struct defined in Node that holds instances of core objects. - void* m_objects; + void *m_objects; // This stores networks for rapid iteration, while RR->networks is the primary lookup. - Vector > m_allNetworks; + Vector> m_allNetworks; Mutex m_allNetworks_l; // These are local interface addresses that have been configured via the API diff --git a/core/OS.hpp b/core/OS.hpp index eb2dd835d..93a968adf 100644 --- a/core/OS.hpp +++ b/core/OS.hpp @@ -17,7 +17,9 @@ /* Uncomment this to force a whole lot of debug output. */ #define ZT_DEBUG_SPEW -#if ! defined(__GNUC__) && (defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_1) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_2) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_4) || defined(__INTEL_COMPILER) || defined(__clang__)) +#if !defined(__GNUC__) \ + && (defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_1) || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_2) \ + || defined(__GCC_HAVE_SYNC_COMPARE_AND_SWAP_4) || defined(__INTEL_COMPILER) || defined(__clang__)) #define __GNUC__ 3 #endif @@ -70,25 +72,28 @@ #include #include -#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64)) +#if ( \ + defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) \ + || defined(__AMD64__) || defined(_M_X64)) #define ZT_ARCH_X64 1 #include #include #include #endif -#if defined(ZT_ARCH_X64) || defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) || defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || defined(_X86_) || defined(__I86__) \ - || defined(__INTEL__) || defined(__386) +#if defined(ZT_ARCH_X64) || defined(i386) || defined(__i386) || defined(__i386__) || defined(__i486__) \ + || defined(__i586__) || defined(__i686__) || defined(_M_IX86) || defined(__X86__) || defined(_X86_) \ + || defined(__I86__) || defined(__INTEL__) || defined(__386) #define ZT_ARCH_X86 1 #endif -#if ! defined(ZT_ARCH_X86) +#if !defined(ZT_ARCH_X86) #ifndef ZT_NO_UNALIGNED_ACCESS #define ZT_NO_UNALIGNED_ACCESS 1 #endif #endif #if defined(__ARM_NEON) || defined(__ARM_NEON__) || defined(ZT_ARCH_ARM_HAS_NEON) -#if (defined(__APPLE__) && ! defined(__LP64__)) || (defined(__ANDROID__) && defined(__arm__)) +#if (defined(__APPLE__) && !defined(__LP64__)) || (defined(__ANDROID__) && defined(__arm__)) #ifdef ZT_ARCH_ARM_HAS_NEON #undef ZT_ARCH_ARM_HAS_NEON #endif @@ -209,9 +214,9 @@ * if a shim for were included. */ #ifndef __CPP11__ #error TODO: to build on pre-c++11 compilers we will need to make a subset of std::atomic for integers -#define nullptr (0) +#define nullptr (0) #define constexpr ZT_INLINE -#define noexcept throw() +#define noexcept throw() #define explicit #endif #endif @@ -250,17 +255,17 @@ typedef unsigned uint128_t __attribute__((mode(TI))); #endif #endif -#if ! defined(__BYTE_ORDER) && defined(__BYTE_ORDER__) +#if !defined(__BYTE_ORDER) && defined(__BYTE_ORDER__) #define __BYTE_ORDER __BYTE_ORDER__ #define __LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__ #define __BIG_ENDIAN __ORDER_BIG_ENDIAN__ #endif -#if ! defined(__BYTE_ORDER) && defined(BYTE_ORDER) +#if !defined(__BYTE_ORDER) && defined(BYTE_ORDER) #define __BYTE_ORDER BYTE_ORDER #define __LITTLE_ENDIAN LITTLE_ENDIAN #define __BIG_ENDIAN BIG_ENDIAN #endif -#if ! defined(__BYTE_ORDER) && defined(_BYTE_ORDER) +#if !defined(__BYTE_ORDER) && defined(_BYTE_ORDER) #define __BYTE_ORDER _BYTE_ORDER #define __LITTLE_ENDIAN _LITTLE_ENDIAN #define __BIG_ENDIAN _BIG_ENDIAN @@ -269,7 +274,8 @@ typedef unsigned uint128_t __attribute__((mode(TI))); #define ZT_VA_ARGS(...) , ##__VA_ARGS__ #ifdef ZT_DEBUG_SPEW -#define ZT_SPEW(f, ...) fprintf(stderr, "%s:%d(%s): " f ZT_EOL_S, __FILE__, __LINE__, __FUNCTION__ ZT_VA_ARGS(__VA_ARGS__)) +#define ZT_SPEW(f, ...) \ + fprintf(stderr, "%s:%d(%s): " f ZT_EOL_S, __FILE__, __LINE__, __FUNCTION__ ZT_VA_ARGS(__VA_ARGS__)) #else #define ZT_SPEW(f, ...) #endif diff --git a/core/OwnershipCredential.cpp b/core/OwnershipCredential.cpp index d0eb0f890..4045dc375 100644 --- a/core/OwnershipCredential.cpp +++ b/core/OwnershipCredential.cpp @@ -15,23 +15,25 @@ namespace ZeroTier { -void OwnershipCredential::addThing(const InetAddress& ip) +void OwnershipCredential::addThing(const InetAddress &ip) { if (m_thingCount >= ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) return; if (ip.as.sa.sa_family == AF_INET) { m_thingTypes[m_thingCount] = THING_IPV4_ADDRESS; - Utils::copy<4>(m_thingValues[m_thingCount], &(reinterpret_cast(&ip)->sin_addr.s_addr)); + Utils::copy<4>( + m_thingValues[m_thingCount], &(reinterpret_cast(&ip)->sin_addr.s_addr)); ++m_thingCount; } else if (ip.as.sa.sa_family == AF_INET6) { m_thingTypes[m_thingCount] = THING_IPV6_ADDRESS; - Utils::copy<16>(m_thingValues[m_thingCount], reinterpret_cast(&ip)->sin6_addr.s6_addr); + Utils::copy<16>( + m_thingValues[m_thingCount], reinterpret_cast(&ip)->sin6_addr.s6_addr); ++m_thingCount; } } -void OwnershipCredential::addThing(const MAC& mac) +void OwnershipCredential::addThing(const MAC &mac) { if (m_thingCount >= ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) return; @@ -40,11 +42,11 @@ void OwnershipCredential::addThing(const MAC& mac) ++m_thingCount; } -bool OwnershipCredential::sign(const Identity& signer) +bool OwnershipCredential::sign(const Identity &signer) { uint8_t buf[ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX + 16]; if (signer.hasPrivate()) { - m_signedBy = signer.address(); + m_signedBy = signer.address(); m_signatureLength = signer.sign(buf, (unsigned int)marshal(buf, true), m_signature, sizeof(m_signature)); return true; } @@ -73,7 +75,7 @@ int OwnershipCredential::marshal(uint8_t data[ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_ p += ZT_ADDRESS_LENGTH; m_signedBy.copyTo(data + p); p += ZT_ADDRESS_LENGTH; - if (! forSign) { + if (!forSign) { data[p++] = 1; Utils::storeBigEndian(data + p, (uint16_t)m_signatureLength); p += 2; @@ -89,15 +91,15 @@ int OwnershipCredential::marshal(uint8_t data[ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_ return p; } -int OwnershipCredential::unmarshal(const uint8_t* data, int len) noexcept +int OwnershipCredential::unmarshal(const uint8_t *data, int len) noexcept { if (len < 30) return -1; - m_networkId = Utils::loadBigEndian(data); - m_ts = (int64_t)Utils::loadBigEndian(data + 8); - m_flags = Utils::loadBigEndian(data + 16); - m_id = Utils::loadBigEndian(data + 24); + m_networkId = Utils::loadBigEndian(data); + m_ts = (int64_t)Utils::loadBigEndian(data + 8); + m_flags = Utils::loadBigEndian(data + 16); + m_id = Utils::loadBigEndian(data + 24); m_thingCount = Utils::loadBigEndian(data + 28); if (m_thingCount > ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) return -1; diff --git a/core/OwnershipCredential.hpp b/core/OwnershipCredential.hpp index 005c2be3d..f82cfe7a0 100644 --- a/core/OwnershipCredential.hpp +++ b/core/OwnershipCredential.hpp @@ -28,7 +28,9 @@ // Maximum size of a thing's value field in bytes #define ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE 16 -#define ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX (8 + 8 + 8 + 4 + 2 + ((1 + ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE) * ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) + 5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE + 2) +#define ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX \ + (8 + 8 + 8 + 4 + 2 + ((1 + ZT_CERTIFICATEOFOWNERSHIP_MAX_THING_VALUE_SIZE) * ZT_CERTIFICATEOFOWNERSHIP_MAX_THINGS) \ + + 5 + 5 + 1 + 2 + ZT_SIGNATURE_BUFFER_SIZE + 2) namespace ZeroTier { @@ -44,94 +46,57 @@ class OwnershipCredential : public Credential { friend class Credential; public: - static constexpr ZT_CredentialType credentialType() noexcept - { - return ZT_CREDENTIAL_TYPE_COO; - } + static constexpr ZT_CredentialType credentialType() noexcept { return ZT_CREDENTIAL_TYPE_COO; } enum Thing { THING_NULL = 0, THING_MAC_ADDRESS = 1, THING_IPV4_ADDRESS = 2, THING_IPV6_ADDRESS = 3 }; - ZT_INLINE OwnershipCredential() noexcept - { - memoryZero(this); - } + ZT_INLINE OwnershipCredential() noexcept { memoryZero(this); } ZT_INLINE - OwnershipCredential(const uint64_t nwid, const int64_t ts, const Address& issuedTo, const uint32_t id) noexcept + OwnershipCredential(const uint64_t nwid, const int64_t ts, const Address &issuedTo, const uint32_t id) noexcept { memoryZero(this); m_networkId = nwid; - m_ts = ts; - m_id = id; - m_issuedTo = issuedTo; + m_ts = ts; + m_id = id; + m_issuedTo = issuedTo; } - ZT_INLINE uint64_t networkId() const noexcept - { - return m_networkId; - } + ZT_INLINE uint64_t networkId() const noexcept { return m_networkId; } - ZT_INLINE int64_t timestamp() const noexcept - { - return m_ts; - } + ZT_INLINE int64_t timestamp() const noexcept { return m_ts; } - ZT_INLINE int64_t revision() const noexcept - { - return m_ts; - } + ZT_INLINE int64_t revision() const noexcept { return m_ts; } - ZT_INLINE uint32_t id() const noexcept - { - return m_id; - } + ZT_INLINE uint32_t id() const noexcept { return m_id; } - ZT_INLINE const Address& issuedTo() const noexcept - { - return m_issuedTo; - } + ZT_INLINE const Address &issuedTo() const noexcept { return m_issuedTo; } - ZT_INLINE const Address& signer() const noexcept - { - return m_signedBy; - } + ZT_INLINE const Address &signer() const noexcept { return m_signedBy; } - ZT_INLINE const uint8_t* signature() const noexcept - { - return m_signature; - } + ZT_INLINE const uint8_t *signature() const noexcept { return m_signature; } - ZT_INLINE unsigned int signatureLength() const noexcept - { - return m_signatureLength; - } + ZT_INLINE unsigned int signatureLength() const noexcept { return m_signatureLength; } - ZT_INLINE unsigned int thingCount() const noexcept - { - return (unsigned int)m_thingCount; - } + ZT_INLINE unsigned int thingCount() const noexcept { return (unsigned int)m_thingCount; } - ZT_INLINE Thing thingType(const unsigned int i) const noexcept - { - return (Thing)m_thingTypes[i]; - } + ZT_INLINE Thing thingType(const unsigned int i) const noexcept { return (Thing)m_thingTypes[i]; } - ZT_INLINE const uint8_t* thingValue(const unsigned int i) const noexcept - { - return m_thingValues[i]; - } + ZT_INLINE const uint8_t *thingValue(const unsigned int i) const noexcept { return m_thingValues[i]; } - ZT_INLINE bool owns(const InetAddress& ip) const noexcept + ZT_INLINE bool owns(const InetAddress &ip) const noexcept { if (ip.as.sa.sa_family == AF_INET) - return this->_owns(THING_IPV4_ADDRESS, &(reinterpret_cast(&ip)->sin_addr.s_addr), 4); + return this->_owns( + THING_IPV4_ADDRESS, &(reinterpret_cast(&ip)->sin_addr.s_addr), 4); else if (ip.as.sa.sa_family == AF_INET6) - return this->_owns(THING_IPV6_ADDRESS, reinterpret_cast(&ip)->sin6_addr.s6_addr, 16); + return this->_owns( + THING_IPV6_ADDRESS, reinterpret_cast(&ip)->sin6_addr.s6_addr, 16); else return false; } - ZT_INLINE bool owns(const MAC& mac) const noexcept + ZT_INLINE bool owns(const MAC &mac) const noexcept { uint8_t tmp[6]; mac.copyTo(tmp); @@ -143,7 +108,7 @@ class OwnershipCredential : public Credential { * * @param ip IPv4 or IPv6 address */ - void addThing(const InetAddress& ip); + void addThing(const InetAddress &ip); /** * Add an Ethernet MAC address @@ -154,7 +119,7 @@ class OwnershipCredential : public Credential { * * @param mac 48-bit MAC address */ - void addThing(const MAC& mac); + void addThing(const MAC &mac); /** * Sign this certificate @@ -162,50 +127,44 @@ class OwnershipCredential : public Credential { * @param signer Signing identity, must have private key * @return True if signature was successful */ - bool sign(const Identity& signer); + bool sign(const Identity &signer); /** * Verify certificate signature * * @return Credential verification result: OK, bad signature, or identity needed */ - ZT_INLINE Credential::VerifyResult verify(const Context& ctx, const CallContext& cc) const + ZT_INLINE Credential::VerifyResult verify(const Context &ctx, const CallContext &cc) const { return s_verify(ctx, cc, *this); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_CERTIFICATEOFOWNERSHIP_MARSHAL_SIZE_MAX], bool forSign = false) const noexcept; - int unmarshal(const uint8_t* data, int len) noexcept; + int unmarshal(const uint8_t *data, int len) noexcept; // Provides natural sort order by ID - ZT_INLINE bool operator<(const OwnershipCredential& coo) const noexcept - { - return (m_id < coo.m_id); - } + ZT_INLINE bool operator<(const OwnershipCredential &coo) const noexcept { return (m_id < coo.m_id); } - ZT_INLINE bool operator==(const OwnershipCredential& coo) const noexcept + ZT_INLINE bool operator==(const OwnershipCredential &coo) const noexcept { return (memcmp(this, &coo, sizeof(OwnershipCredential)) == 0); } - ZT_INLINE bool operator!=(const OwnershipCredential& coo) const noexcept + ZT_INLINE bool operator!=(const OwnershipCredential &coo) const noexcept { return (memcmp(this, &coo, sizeof(OwnershipCredential)) != 0); } private: - ZT_INLINE bool _owns(const Thing& t, const void* v, unsigned int l) const noexcept + ZT_INLINE bool _owns(const Thing &t, const void *v, unsigned int l) const noexcept { for (unsigned int i = 0, j = m_thingCount; i < j; ++i) { if (m_thingTypes[i] == (uint8_t)t) { unsigned int k = 0; while (k < l) { - if (reinterpret_cast(v)[k] != m_thingValues[i][k]) + if (reinterpret_cast(v)[k] != m_thingValues[i][k]) break; ++k; } diff --git a/core/Path.cpp b/core/Path.cpp index 76fb75523..87828eb9f 100644 --- a/core/Path.cpp +++ b/core/Path.cpp @@ -18,9 +18,13 @@ namespace ZeroTier { -bool Path::send(const Context& ctx, const CallContext& cc, const void* const data, const unsigned int len) noexcept +bool Path::send(const Context &ctx, const CallContext &cc, const void *const data, const unsigned int len) noexcept { - if (likely(ctx.cb.wirePacketSendFunction(reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, m_localSocket, reinterpret_cast(&m_addr), data, len, 0) == 0)) { + if (likely( + ctx.cb.wirePacketSendFunction( + reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, m_localSocket, + reinterpret_cast(&m_addr), data, len, 0) + == 0)) { m_lastOut = cc.ticks; m_outMeter.log(cc.ticks, len); return true; diff --git a/core/Path.hpp b/core/Path.hpp index 55352b2c7..20de94cfd 100644 --- a/core/Path.hpp +++ b/core/Path.hpp @@ -36,7 +36,8 @@ class Path { friend class SharedPtr; // Allow defragmenter to access fragment-in-flight info stored in Path for performance reasons. - template friend class Defragmenter; + template + friend class Defragmenter; public: /** @@ -44,53 +45,48 @@ class Path { */ class Key { public: - ZT_INLINE Key() noexcept - { - } + ZT_INLINE Key() noexcept {} - ZT_INLINE Key(const InetAddress& ip) noexcept + ZT_INLINE Key(const InetAddress &ip) noexcept { const unsigned int family = ip.as.sa.sa_family; if (family == AF_INET) { const uint16_t p = (uint16_t)ip.as.sa_in.sin_port; - m_hashCode = Utils::hash64((((uint64_t)ip.as.sa_in.sin_addr.s_addr) << 16U) ^ ((uint64_t)p) ^ Utils::s_mapNonce); + m_hashCode = + Utils::hash64((((uint64_t)ip.as.sa_in.sin_addr.s_addr) << 16U) ^ ((uint64_t)p) ^ Utils::s_mapNonce); m_ipv6Net64 = 0; // 0 for IPv4, never 0 for IPv6 - m_port = p; + m_port = p; } else { if (likely(family == AF_INET6)) { - const uint64_t a = Utils::loadMachineEndian(reinterpret_cast(ip.as.sa_in6.sin6_addr.s6_addr)); - const uint64_t b = Utils::loadMachineEndian(reinterpret_cast(ip.as.sa_in6.sin6_addr.s6_addr) + 8); + const uint64_t a = Utils::loadMachineEndian( + reinterpret_cast(ip.as.sa_in6.sin6_addr.s6_addr)); + const uint64_t b = Utils::loadMachineEndian( + reinterpret_cast(ip.as.sa_in6.sin6_addr.s6_addr) + 8); const uint16_t p = ip.as.sa_in6.sin6_port; - m_hashCode = Utils::hash64(a ^ b ^ ((uint64_t)p) ^ Utils::s_mapNonce); - m_ipv6Net64 = a; // IPv6 /64 - m_port = p; + m_hashCode = Utils::hash64(a ^ b ^ ((uint64_t)p) ^ Utils::s_mapNonce); + m_ipv6Net64 = a; // IPv6 /64 + m_port = p; } else { // This is not reachable since InetAddress can only be AF_INET or AF_INET6, but implement something. - m_hashCode = Utils::fnv1a32(&ip, sizeof(InetAddress)); + m_hashCode = Utils::fnv1a32(&ip, sizeof(InetAddress)); m_ipv6Net64 = 0; - m_port = (uint16_t)family; + m_port = (uint16_t)family; } } } - ZT_INLINE unsigned long hashCode() const noexcept - { - return (unsigned long)m_hashCode; - } + ZT_INLINE unsigned long hashCode() const noexcept { return (unsigned long)m_hashCode; } - ZT_INLINE bool operator==(const Key& k) const noexcept + ZT_INLINE bool operator==(const Key &k) const noexcept { return (m_hashCode == k.m_hashCode) && (m_ipv6Net64 == k.m_ipv6Net64) && (m_port == k.m_port); } - ZT_INLINE bool operator!=(const Key& k) const noexcept - { - return (! (*this == k)); - } + ZT_INLINE bool operator!=(const Key &k) const noexcept { return (!(*this == k)); } - ZT_INLINE bool operator<(const Key& k) const noexcept + ZT_INLINE bool operator<(const Key &k) const noexcept { if (m_hashCode < k.m_hashCode) { return true; @@ -106,20 +102,11 @@ class Path { return false; } - ZT_INLINE bool operator>(const Key& k) const noexcept - { - return (k < *this); - } + ZT_INLINE bool operator>(const Key &k) const noexcept { return (k < *this); } - ZT_INLINE bool operator<=(const Key& k) const noexcept - { - return ! (k < *this); - } + ZT_INLINE bool operator<=(const Key &k) const noexcept { return !(k < *this); } - ZT_INLINE bool operator>=(const Key& k) const noexcept - { - return ! (*this < k); - } + ZT_INLINE bool operator>=(const Key &k) const noexcept { return !(*this < k); } private: uint64_t m_hashCode; @@ -127,7 +114,7 @@ class Path { uint16_t m_port; }; - ZT_INLINE Path(const int64_t l, const InetAddress& r) noexcept + ZT_INLINE Path(const int64_t l, const InetAddress &r) noexcept : m_localSocket(l) , m_lastIn(0) , m_lastOut(0) @@ -143,7 +130,7 @@ class Path { * @param len Packet length * @return True if transport reported success */ - bool send(const Context& ctx, const CallContext& cc, const void* data, unsigned int len) noexcept; + bool send(const Context &ctx, const CallContext &cc, const void *data, unsigned int len) noexcept; /** * Explicitly update last sent time @@ -151,7 +138,7 @@ class Path { * @param now Time of send * @param bytes Bytes sent */ - ZT_INLINE void sent(const CallContext& cc, const unsigned int bytes) noexcept + ZT_INLINE void sent(const CallContext &cc, const unsigned int bytes) noexcept { m_lastOut.store(cc.ticks, std::memory_order_relaxed); m_outMeter.log(cc.ticks, bytes); @@ -163,7 +150,7 @@ class Path { * @param now Time of receive * @param bytes Bytes received */ - ZT_INLINE void received(const CallContext& cc, const unsigned int bytes) noexcept + ZT_INLINE void received(const CallContext &cc, const unsigned int bytes) noexcept { m_lastIn.store(cc.ticks, std::memory_order_relaxed); m_inMeter.log(cc.ticks, bytes); @@ -188,17 +175,14 @@ class Path { /** * @return Latency in milliseconds or -1 if unknown */ - ZT_INLINE int latency() const noexcept - { - return m_latency.load(std::memory_order_relaxed); - } + ZT_INLINE int latency() const noexcept { return m_latency.load(std::memory_order_relaxed); } /** * Check path aliveness * * @param now Current time */ - ZT_INLINE bool alive(const CallContext& cc) const noexcept + ZT_INLINE bool alive(const CallContext &cc) const noexcept { return ((cc.ticks - m_lastIn.load(std::memory_order_relaxed)) < ZT_PATH_ALIVE_TIMEOUT); } @@ -206,34 +190,22 @@ class Path { /** * @return Physical address */ - ZT_INLINE const InetAddress& address() const noexcept - { - return m_addr; - } + ZT_INLINE const InetAddress &address() const noexcept { return m_addr; } /** * @return Local socket as specified by external code */ - ZT_INLINE int64_t localSocket() const noexcept - { - return m_localSocket; - } + ZT_INLINE int64_t localSocket() const noexcept { return m_localSocket; } /** * @return Last time we received anything */ - ZT_INLINE int64_t lastIn() const noexcept - { - return m_lastIn.load(std::memory_order_relaxed); - } + ZT_INLINE int64_t lastIn() const noexcept { return m_lastIn.load(std::memory_order_relaxed); } /** * @return Last time we sent something */ - ZT_INLINE int64_t lastOut() const noexcept - { - return m_lastOut.load(std::memory_order_relaxed); - } + ZT_INLINE int64_t lastOut() const noexcept { return m_lastOut.load(std::memory_order_relaxed); } private: const int64_t m_localSocket; diff --git a/core/Peer.cpp b/core/Peer.cpp index 20971af44..02e29b11b 100644 --- a/core/Peer.cpp +++ b/core/Peer.cpp @@ -46,19 +46,16 @@ Peer::Peer() { } -Peer::~Peer() -{ - Utils::burn(m_helloMacKey, sizeof(m_helloMacKey)); -} +Peer::~Peer() { Utils::burn(m_helloMacKey, sizeof(m_helloMacKey)); } -bool Peer::init(const Context& ctx, const CallContext& cc, const Identity& peerIdentity) +bool Peer::init(const Context &ctx, const CallContext &cc, const Identity &peerIdentity) { RWMutex::Lock l(m_lock); m_id = peerIdentity; uint8_t k[ZT_SYMMETRIC_KEY_SIZE]; - if (unlikely(! ctx.identity.agree(peerIdentity, k))) + if (unlikely(!ctx.identity.agree(peerIdentity, k))) return false; m_identityKey.init(cc.ticks, k); Utils::burn(k, sizeof(k)); @@ -68,7 +65,10 @@ bool Peer::init(const Context& ctx, const CallContext& cc, const Identity& peerI return true; } -void Peer::received(const Context& ctx, const CallContext& cc, const SharedPtr& path, const unsigned int hops, const uint64_t packetId, const unsigned int payloadLength, const Protocol::Verb verb, const Protocol::Verb /*inReVerb*/) +void Peer::received( + const Context &ctx, const CallContext &cc, const SharedPtr &path, const unsigned int hops, + const uint64_t packetId, const unsigned int payloadLength, const Protocol::Verb verb, + const Protocol::Verb /*inReVerb*/) { m_lastReceive.store(cc.ticks, std::memory_order_relaxed); m_inMeter.log(cc.ticks, payloadLength); @@ -110,7 +110,7 @@ void Peer::received(const Context& ctx, const CallContext& cc, const SharedPtr

currentBest(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); + const SharedPtr currentBest(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); SharedPtr old; old.move(m_paths[newPathIdx]); @@ -118,23 +118,25 @@ void Peer::received(const Context& ctx, const CallContext& cc, const SharedPtr

learnedNewPath(cc, 0x582fabdd, packetId, m_id, path->address(), (old) ? old->address() : InetAddress()); + ctx.t->learnedNewPath( + cc, 0x582fabdd, packetId, m_id, path->address(), (old) ? old->address() : InetAddress()); } else { - int64_t& lt = m_lastTried[Endpoint(path->address())]; + int64_t < = m_lastTried[Endpoint(path->address())]; if ((cc.ticks - lt) < ZT_PATH_MIN_TRY_INTERVAL) { lt = cc.ticks; path->sent(cc, m_hello(ctx, cc, path->localSocket(), path->address(), false)); - ctx.t->tryingNewPath(cc, 0xb7747ddd, m_id, path->address(), path->address(), packetId, (uint8_t)verb, m_id); + ctx.t->tryingNewPath( + cc, 0xb7747ddd, m_id, path->address(), path->address(), packetId, (uint8_t)verb, m_id); } } } } } -void Peer::send(const Context& ctx, const CallContext& cc, const void* data, unsigned int len) noexcept +void Peer::send(const Context &ctx, const CallContext &cc, const void *data, unsigned int len) noexcept { - SharedPtr via(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); + SharedPtr via(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); if (likely(via)) { if (likely(via->send(ctx, cc, data, len))) this->sent(cc, len); @@ -153,18 +155,21 @@ void Peer::send(const Context& ctx, const CallContext& cc, const void* data, uns } } -void Peer::pulse(const Context& ctx, const CallContext& cc) +void Peer::pulse(const Context &ctx, const CallContext &cc) { RWMutex::Lock l(m_lock); // Grab current key (this is never NULL). - SymmetricKey* const key = reinterpret_cast(m_key.load(std::memory_order_relaxed)); + SymmetricKey *const key = reinterpret_cast(m_key.load(std::memory_order_relaxed)); // Determine if we need a new ephemeral key pair and if a new HELLO needs // to be sent. The latter happens every ZT_PEER_HELLO_INTERVAL or if a new // ephemeral key pair is generated. bool needHello = - (((m_vProto >= 20) && (m_keyRenegotiationNeeded || (key == &m_identityKey) || ((cc.ticks - key->timestamp()) >= (ZT_SYMMETRIC_KEY_TTL / 2)) || (key->odometer() > (ZT_SYMMETRIC_KEY_TTL_MESSAGES / 2)))) + (((m_vProto >= 20) + && (m_keyRenegotiationNeeded || (key == &m_identityKey) + || ((cc.ticks - key->timestamp()) >= (ZT_SYMMETRIC_KEY_TTL / 2)) + || (key->odometer() > (ZT_SYMMETRIC_KEY_TTL_MESSAGES / 2)))) || ((cc.ticks - m_lastSentHello) >= ZT_PEER_HELLO_INTERVAL)); // Prioritize paths and more importantly for here forget dead ones. @@ -177,13 +182,16 @@ void Peer::pulse(const Context& ctx, const CallContext& cc) // callback (if one was supplied). if (m_locator) { - for (Vector > >::const_iterator ep(m_locator->endpoints().begin()); ep != m_locator->endpoints().end(); ++ep) { + for (Vector>>::const_iterator ep( + m_locator->endpoints().begin()); + ep != m_locator->endpoints().end(); ++ep) { if (ep->first.type == ZT_ENDPOINT_TYPE_IP_UDP) { if (ctx.node->filterPotentialPath(cc.tPtr, m_id, -1, ep->first.ip())) { - int64_t& lt = m_lastTried[ep->first]; + int64_t < = m_lastTried[ep->first]; if ((cc.ticks - lt) > ZT_PATH_MIN_TRY_INTERVAL) { lt = cc.ticks; - ctx.t->tryingNewPath(cc, 0x84b22322, m_id, ep->first.ip(), InetAddress::NIL, 0, 0, Identity::NIL); + ctx.t->tryingNewPath( + cc, 0x84b22322, m_id, ep->first.ip(), InetAddress::NIL, 0, 0, Identity::NIL); sent(cc, m_sendProbe(ctx, cc, -1, ep->first.ip(), nullptr, 0)); } } @@ -194,7 +202,7 @@ void Peer::pulse(const Context& ctx, const CallContext& cc) InetAddress addr; if (ctx.node->externalPathLookup(cc.tPtr, m_id, -1, addr)) { if ((addr) && ctx.node->filterPotentialPath(cc.tPtr, m_id, -1, addr)) { - int64_t& lt = m_lastTried[Endpoint(addr)]; + int64_t < = m_lastTried[Endpoint(addr)]; if ((cc.ticks - lt) > ZT_PATH_MIN_TRY_INTERVAL) { lt = cc.ticks; ctx.t->tryingNewPath(cc, 0x84a10000, m_id, addr, InetAddress::NIL, 0, 0, Identity::NIL); @@ -207,7 +215,7 @@ void Peer::pulse(const Context& ctx, const CallContext& cc) else { unsigned int attempts = 0; for (;;) { - p_TryQueueItem& qi = m_tryQueue.front(); + p_TryQueueItem &qi = m_tryQueue.front(); if (qi.target.isInetAddr()) { // Skip entry if it overlaps with any currently active IP. @@ -290,11 +298,12 @@ void Peer::pulse(const Context& ctx, const CallContext& cc) for (unsigned int i = 0; i < m_alivePathCount; ++i) { if (needHello) { needHello = false; - const unsigned int bytes = m_hello(ctx, cc, m_paths[i]->localSocket(), m_paths[i]->address(), m_keyRenegotiationNeeded); + const unsigned int bytes = + m_hello(ctx, cc, m_paths[i]->localSocket(), m_paths[i]->address(), m_keyRenegotiationNeeded); if (bytes) { m_paths[i]->sent(cc, bytes); sent(cc, bytes); - m_lastSentHello = cc.ticks; + m_lastSentHello = cc.ticks; m_keyRenegotiationNeeded = false; } } @@ -311,12 +320,13 @@ void Peer::pulse(const Context& ctx, const CallContext& cc) if (root) { const SharedPtr via(root->path(cc)); if (via) { - const unsigned int bytes = m_hello(ctx, cc, via->localSocket(), via->address(), m_keyRenegotiationNeeded); + const unsigned int bytes = + m_hello(ctx, cc, via->localSocket(), via->address(), m_keyRenegotiationNeeded); if (bytes) { via->sent(cc, bytes); root->relayed(cc, bytes); sent(cc, bytes); - m_lastSentHello = cc.ticks; + m_lastSentHello = cc.ticks; m_keyRenegotiationNeeded = false; } } @@ -332,7 +342,7 @@ void Peer::pulse(const Context& ctx, const CallContext& cc) } } -void Peer::contact(const Context& ctx, const CallContext& cc, const Endpoint& ep, int tries) +void Peer::contact(const Context &ctx, const CallContext &cc, const Endpoint &ep, int tries) { RWMutex::Lock l(m_lock); @@ -345,7 +355,7 @@ void Peer::contact(const Context& ctx, const CallContext& cc, const Endpoint& ep } // Check underlying path attempt rate limit. - int64_t& lt = m_lastTried[ep]; + int64_t < = m_lastTried[ep]; if ((cc.ticks - lt) < ZT_PATH_MIN_TRY_INTERVAL) return; lt = cc.ticks; @@ -353,14 +363,16 @@ void Peer::contact(const Context& ctx, const CallContext& cc, const Endpoint& ep // For IPv4 addresses we send a tiny packet with a low TTL, which helps to // traverse some NAT types. It has no effect otherwise. if (ep.isInetAddr() && ep.ip().isV4()) { - ctx.cb.wirePacketSendFunction(reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, -1, reinterpret_cast(&ep.ip()), &s_arbitraryByte, 1, 2); + ctx.cb.wirePacketSendFunction( + reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, -1, + reinterpret_cast(&ep.ip()), &s_arbitraryByte, 1, 2); ++s_arbitraryByte; } // Make sure address is not already in the try queue. If so just update it. for (List::iterator i(m_tryQueue.begin()); i != m_tryQueue.end(); ++i) { if (i->target.isSameAddress(ep)) { - i->target = ep; + i->target = ep; i->iteration = -tries; return; } @@ -369,13 +381,17 @@ void Peer::contact(const Context& ctx, const CallContext& cc, const Endpoint& ep m_tryQueue.push_back(p_TryQueueItem(ep, -tries)); } -void Peer::resetWithinScope(const Context& ctx, const CallContext& cc, InetAddress::IpScope scope, int inetAddressFamily) +void Peer::resetWithinScope( + const Context &ctx, const CallContext &cc, InetAddress::IpScope scope, int inetAddressFamily) { RWMutex::Lock l(m_lock); unsigned int pc = 0; for (unsigned int i = 0; i < m_alivePathCount; ++i) { - if ((m_paths[i]) && (((int)m_paths[i]->address().as.sa.sa_family == inetAddressFamily) && (m_paths[i]->address().ipScope() == scope))) { - const unsigned int bytes = m_sendProbe(ctx, cc, m_paths[i]->localSocket(), m_paths[i]->address(), nullptr, 0); + if ((m_paths[i]) + && (((int)m_paths[i]->address().as.sa.sa_family == inetAddressFamily) + && (m_paths[i]->address().ipScope() == scope))) { + const unsigned int bytes = + m_sendProbe(ctx, cc, m_paths[i]->localSocket(), m_paths[i]->address(), nullptr, 0); m_paths[i]->sent(cc, bytes); sent(cc, bytes); } @@ -388,7 +404,7 @@ void Peer::resetWithinScope(const Context& ctx, const CallContext& cc, InetAddre m_paths[pc++].zero(); } -void Peer::save(const Context& ctx, const CallContext& cc) const +void Peer::save(const Context &ctx, const CallContext &cc) const { uint8_t buf[8 + ZT_PEER_MARSHAL_SIZE_MAX]; @@ -404,7 +420,7 @@ void Peer::save(const Context& ctx, const CallContext& cc) const } } -int Peer::marshal(const Context& ctx, uint8_t data[ZT_PEER_MARSHAL_SIZE_MAX]) const noexcept +int Peer::marshal(const Context &ctx, uint8_t data[ZT_PEER_MARSHAL_SIZE_MAX]) const noexcept { RWMutex::RLock l(m_lock); @@ -430,7 +446,7 @@ int Peer::marshal(const Context& ctx, uint8_t data[ZT_PEER_MARSHAL_SIZE_MAX]) co if (m_locator) { data[p++] = 1; - s = m_locator->marshal(data + p); + s = m_locator->marshal(data + p); if (s <= 0) return s; p += s; @@ -454,7 +470,7 @@ int Peer::marshal(const Context& ctx, uint8_t data[ZT_PEER_MARSHAL_SIZE_MAX]) co return p; } -int Peer::unmarshal(const Context& ctx, const int64_t ticks, const uint8_t* restrict data, const int len) noexcept +int Peer::unmarshal(const Context &ctx, const int64_t ticks, const uint8_t *restrict data, const int len) noexcept { RWMutex::Lock l(m_lock); @@ -463,14 +479,16 @@ int Peer::unmarshal(const Context& ctx, const int64_t ticks, const uint8_t* rest for (unsigned int i = 0; i < ZT_PEER_EPHEMERAL_KEY_BUFFER_SIZE; ++i) { m_ephemeralKeysSent[i].creationTime = -1; - m_ephemeralSessions[i].established = false; + m_ephemeralSessions[i].established = false; } m_key.store((uintptr_t)&m_identityKey, std::memory_order_relaxed); bool identityKeyRestored = false; if (Address(data + 1) == ctx.identity.address()) { uint8_t k[ZT_SYMMETRIC_KEY_SIZE]; - static_assert(ZT_SYMMETRIC_KEY_SIZE == 48, "marshal() and unmarshal() must be revisited if ZT_SYMMETRIC_KEY_SIZE is changed"); + static_assert( + ZT_SYMMETRIC_KEY_SIZE == 48, + "marshal() and unmarshal() must be revisited if ZT_SYMMETRIC_KEY_SIZE is changed"); ctx.localSecretCipher.decrypt(data + 1 + ZT_ADDRESS_LENGTH, k); ctx.localSecretCipher.decrypt(data + 1 + ZT_ADDRESS_LENGTH + 16, k + 16); ctx.localSecretCipher.decrypt(data + 1 + ZT_ADDRESS_LENGTH + 32, k + 32); @@ -486,9 +504,9 @@ int Peer::unmarshal(const Context& ctx, const int64_t ticks, const uint8_t* rest return s; p += s; - if (! identityKeyRestored) { + if (!identityKeyRestored) { uint8_t k[ZT_SYMMETRIC_KEY_SIZE]; - if (! ctx.identity.agree(m_id, k)) + if (!ctx.identity.agree(m_id, k)) return -1; m_identityKey.init(ticks, k); Utils::burn(k, sizeof(k)); @@ -502,8 +520,8 @@ int Peer::unmarshal(const Context& ctx, const int64_t ticks, const uint8_t* rest } else if (data[p] == 1) { ++p; - Locator* const loc = new Locator(); - s = loc->unmarshal(data + p, len - p); + Locator *const loc = new Locator(); + s = loc->unmarshal(data + p, len - p); m_locator.set(loc); if (s < 0) return s; @@ -531,7 +549,7 @@ int Peer::unmarshal(const Context& ctx, const int64_t ticks, const uint8_t* rest } struct _PathPriorityComparisonOperator { - ZT_INLINE bool operator()(const SharedPtr& a, const SharedPtr& b) const noexcept + ZT_INLINE bool operator()(const SharedPtr &a, const SharedPtr &b) const noexcept { if (a) { if (b) @@ -545,12 +563,12 @@ struct _PathPriorityComparisonOperator { } }; -void Peer::m_prioritizePaths(const CallContext& cc) +void Peer::m_prioritizePaths(const CallContext &cc) { // assumes m_lock is locked // Need to hold the current best just in case we drop it before changing the atomic. - const SharedPtr oldBest(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); + const SharedPtr oldBest(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); // Clean and reprioritize paths. if (m_alivePathCount != 0) { @@ -573,7 +591,9 @@ void Peer::m_prioritizePaths(const CallContext& cc) m_bestPath.store((m_alivePathCount != 0) ? (uintptr_t)m_paths[0].ptr() : (uintptr_t)0, std::memory_order_release); } -unsigned int Peer::m_sendProbe(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, const uint16_t* ports, const unsigned int numPorts) +unsigned int Peer::m_sendProbe( + const Context &ctx, const CallContext &cc, int64_t localSocket, const InetAddress &atAddress, const uint16_t *ports, + const unsigned int numPorts) { // Assumes m_lock is locked @@ -582,11 +602,12 @@ unsigned int Peer::m_sendProbe(const Context& ctx, const CallContext& cc, int64_ // some future attacker compromises it. uint8_t p[ZT_PROTO_MIN_PACKET_LENGTH]; - Utils::storeMachineEndian(p + ZT_PROTO_PACKET_ID_INDEX, m_identityKey.nextMessage(ctx.identity.address(), m_id.address())); + Utils::storeMachineEndian( + p + ZT_PROTO_PACKET_ID_INDEX, m_identityKey.nextMessage(ctx.identity.address(), m_id.address())); m_id.address().copyTo(p + ZT_PROTO_PACKET_DESTINATION_INDEX); ctx.identity.address().copyTo(p + ZT_PROTO_PACKET_SOURCE_INDEX); p[ZT_PROTO_PACKET_FLAGS_INDEX] = 0; - p[ZT_PROTO_PACKET_VERB_INDEX] = Protocol::VERB_NOP; + p[ZT_PROTO_PACKET_VERB_INDEX] = Protocol::VERB_NOP; ctx.expect->sending(Protocol::armor(p, ZT_PROTO_MIN_PACKET_LENGTH, m_identityKey, cipher()), cc.ticks); @@ -594,12 +615,16 @@ unsigned int Peer::m_sendProbe(const Context& ctx, const CallContext& cc, int64_ InetAddress tmp(atAddress); for (unsigned int i = 0; i < numPorts; ++i) { tmp.setPort(ports[i]); - ctx.cb.wirePacketSendFunction(reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, -1, reinterpret_cast(&tmp), p, ZT_PROTO_MIN_PACKET_LENGTH, 0); + ctx.cb.wirePacketSendFunction( + reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, -1, + reinterpret_cast(&tmp), p, ZT_PROTO_MIN_PACKET_LENGTH, 0); } return ZT_PROTO_MIN_PACKET_LENGTH * numPorts; } else { - ctx.cb.wirePacketSendFunction(reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, -1, reinterpret_cast(&atAddress), p, ZT_PROTO_MIN_PACKET_LENGTH, 0); + ctx.cb.wirePacketSendFunction( + reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, -1, + reinterpret_cast(&atAddress), p, ZT_PROTO_MIN_PACKET_LENGTH, 0); return ZT_PROTO_MIN_PACKET_LENGTH; } } @@ -618,7 +643,9 @@ void Peer::m_deriveSecondaryIdentityKeys() noexcept KBKDFHMACSHA384(m_identityKey.key(), ZT_KBKDF_LABEL_PACKET_HMAC, 0, 0, m_helloMacKey); } -unsigned int Peer::m_hello(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, const bool forceNewKey) +unsigned int Peer::m_hello( + const Context &ctx, const CallContext &cc, int64_t localSocket, const InetAddress &atAddress, + const bool forceNewKey) { // assumes m_lock is at least locked for reading @@ -633,30 +660,30 @@ unsigned int Peer::m_hello(const Context& ctx, const CallContext& cc, int64_t lo * here is also needed to satisfy some FIPS/NIST type requirements. */ // Pick or generate an ephemeral key to send with this HELLO. - p_EphemeralPrivate* ephemeral; + p_EphemeralPrivate *ephemeral; { - p_EphemeralPrivate* earliest = m_ephemeralKeysSent; - p_EphemeralPrivate* latest = nullptr; + p_EphemeralPrivate *earliest = m_ephemeralKeysSent; + p_EphemeralPrivate *latest = nullptr; int64_t earliestEphemeralPrivate = 9223372036854775807LL; - int64_t latestEphemeralPrivate = 0; + int64_t latestEphemeralPrivate = 0; for (unsigned int k = 0; k < ZT_PEER_EPHEMERAL_KEY_BUFFER_SIZE; ++k) { const int64_t ct = m_ephemeralKeysSent[k].creationTime; if (ct <= earliestEphemeralPrivate) { earliestEphemeralPrivate = ct; - earliest = m_ephemeralKeysSent + k; + earliest = m_ephemeralKeysSent + k; } else if (ct >= latestEphemeralPrivate) { // creationTime will be -1 if not initialized latestEphemeralPrivate = ct; - latest = m_ephemeralKeysSent + k; + latest = m_ephemeralKeysSent + k; } } - if ((latest != nullptr) && (! forceNewKey) && ((cc.ticks - latest->creationTime) < (ZT_SYMMETRIC_KEY_TTL / 2))) { + if ((latest != nullptr) && (!forceNewKey) && ((cc.ticks - latest->creationTime) < (ZT_SYMMETRIC_KEY_TTL / 2))) { ephemeral = latest; } else { earliest->creationTime = cc.ticks; - earliest->pub.type = ZT_PROTO_EPHEMERAL_KEY_TYPE_C25519_P384; + earliest->pub.type = ZT_PROTO_EPHEMERAL_KEY_TYPE_C25519_P384; C25519::generateC25519(earliest->pub.c25519Public, earliest->c25519Private); ECC384GenerateKey(earliest->pub.p384Public, earliest->p384Private); SHA384(earliest->sha384OfPublic, &earliest->pub, sizeof(earliest->pub)); @@ -683,7 +710,7 @@ unsigned int Peer::m_hello(const Context& ctx, const CallContext& cc, int64_t lo // LEGACY: the six reserved bytes after the IV exist for legacy compatibility with v1.x nodes. // Once those are dead they'll become just reserved bytes for future use as flags etc. outp.wI32(ii, 0); // reserved bytes - void* const legacyMoonCountStart = outp.unsafeData + ii; + void *const legacyMoonCountStart = outp.unsafeData + ii; outp.wI16(ii, 0); const uint64_t legacySalsaIv = packetId & ZT_CONST_TO_BE_UINT64(0xfffffffffffffff8ULL); Salsa20(m_identityKey.key(), &legacySalsaIv).crypt12(legacyMoonCountStart, legacyMoonCountStart, 2); @@ -705,7 +732,7 @@ unsigned int Peer::m_hello(const Context& ctx, const CallContext& cc, int64_t lo // particular this means that the public keys exchanged for ephemeral keying // are concealed from any observer. AES::CTR ctr(m_helloCipher); - void* const cryptSection = outp.unsafeData + ii; + void *const cryptSection = outp.unsafeData + ii; ctr.init(outp.unsafeData + ivStart, 0, cryptSection); ctr.crypt(cryptSection, ii - cryptSectionStart); ctr.finish(); @@ -719,12 +746,19 @@ unsigned int Peer::m_hello(const Context& ctx, const CallContext& cc, int64_t lo Protocol::salsa2012DeriveKey(m_identityKey.key(), perPacketKey, outp, ii); Salsa20(perPacketKey, &packetId).crypt12(Utils::ZERO256, polyKey, sizeof(polyKey)); Poly1305 p1305(polyKey); - p1305.update(outp.unsafeData + ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, ii - ZT_PROTO_PACKET_ENCRYPTED_SECTION_START); + p1305.update( + outp.unsafeData + ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, ii - ZT_PROTO_PACKET_ENCRYPTED_SECTION_START); uint64_t polyMac[2]; p1305.finish(polyMac); Utils::storeMachineEndian(outp.unsafeData + ZT_PROTO_PACKET_MAC_INDEX, polyMac[0]); - return (likely(ctx.cb.wirePacketSendFunction(reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, localSocket, reinterpret_cast(&atAddress), outp.unsafeData, ii, 0) == 0)) ? (unsigned int)ii : 0U; + return (likely( + ctx.cb.wirePacketSendFunction( + reinterpret_cast(ctx.node), ctx.uPtr, cc.tPtr, localSocket, + reinterpret_cast(&atAddress), outp.unsafeData, ii, 0) + == 0)) + ? (unsigned int)ii + : 0U; } } // namespace ZeroTier diff --git a/core/Peer.hpp b/core/Peer.hpp index d7f92aab9..c925a3882 100644 --- a/core/Peer.hpp +++ b/core/Peer.hpp @@ -31,7 +31,9 @@ #include "SymmetricKey.hpp" #include "Utils.hpp" -#define ZT_PEER_MARSHAL_SIZE_MAX (1 + ZT_ADDRESS_LENGTH + ZT_SYMMETRIC_KEY_SIZE + ZT_IDENTITY_MARSHAL_SIZE_MAX + 1 + ZT_LOCATOR_MARSHAL_SIZE_MAX + (2 * 4) + 2) +#define ZT_PEER_MARSHAL_SIZE_MAX \ + (1 + ZT_ADDRESS_LENGTH + ZT_SYMMETRIC_KEY_SIZE + ZT_IDENTITY_MARSHAL_SIZE_MAX + 1 + ZT_LOCATOR_MARSHAL_SIZE_MAX \ + + (2 * 4) + 2) #define ZT_PEER_DEDUP_BUFFER_SIZE 1024 #define ZT_PEER_DEDUP_BUFFER_MASK 1023U @@ -66,23 +68,17 @@ class Peer { * @param peerIdentity The peer's identity * @return True if initialization was succcesful */ - bool init(const Context& ctx, const CallContext& cc, const Identity& peerIdentity); + bool init(const Context &ctx, const CallContext &cc, const Identity &peerIdentity); /** * @return This peer's ZT address (short for identity().address()) */ - ZT_INLINE Address address() const noexcept - { - return m_id.address(); - } + ZT_INLINE Address address() const noexcept { return m_id.address(); } /** * @return This peer's identity */ - ZT_INLINE const Identity& identity() const noexcept - { - return m_id; - } + ZT_INLINE const Identity &identity() const noexcept { return m_id; } /** * @return Current locator or NULL if no locator is known @@ -103,11 +99,11 @@ class Peer { * @param verify If true, verify locator's signature and structure * @return New locator or previous if it was not replaced. */ - ZT_INLINE SharedPtr setLocator(const SharedPtr& loc, const bool verify) noexcept + ZT_INLINE SharedPtr setLocator(const SharedPtr &loc, const bool verify) noexcept { RWMutex::Lock l(m_lock); - if ((loc) && ((! m_locator) || (m_locator->revision() < loc->revision()))) { - if ((! verify) || loc->verify(m_id)) + if ((loc) && ((!m_locator) || (m_locator->revision() < loc->revision()))) { + if ((!verify) || loc->verify(m_id)) m_locator = loc; } return m_locator; @@ -125,14 +121,16 @@ class Peer { * @param verb Packet verb * @param inReVerb In-reply verb for OK or ERROR verbs */ - void received(const Context& ctx, const CallContext& cc, const SharedPtr& path, unsigned int hops, uint64_t packetId, unsigned int payloadLength, Protocol::Verb verb, Protocol::Verb inReVerb); + void received( + const Context &ctx, const CallContext &cc, const SharedPtr &path, unsigned int hops, uint64_t packetId, + unsigned int payloadLength, Protocol::Verb verb, Protocol::Verb inReVerb); /** * Log sent data * * @param bytes Number of bytes written */ - ZT_INLINE void sent(const CallContext& cc, const unsigned int bytes) noexcept + ZT_INLINE void sent(const CallContext &cc, const unsigned int bytes) noexcept { m_lastSend.store(cc.ticks, std::memory_order_relaxed); m_outMeter.log(cc.ticks, bytes); @@ -143,7 +141,7 @@ class Peer { * * @param bytes Number of bytes relayed */ - ZT_INLINE void relayed(const CallContext& cc, const unsigned int bytes) noexcept + ZT_INLINE void relayed(const CallContext &cc, const unsigned int bytes) noexcept { m_relayedMeter.log(cc.ticks, bytes); } @@ -153,9 +151,9 @@ class Peer { * * @return Current best path or NULL if there is no direct path */ - ZT_INLINE SharedPtr path(const CallContext& cc) noexcept + ZT_INLINE SharedPtr path(const CallContext &cc) noexcept { - return SharedPtr(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); + return SharedPtr(reinterpret_cast(m_bestPath.load(std::memory_order_acquire))); } /** @@ -165,7 +163,9 @@ class Peer { * @param len Length in bytes * @param via Path over which to send data (may or may not be an already-learned path for this peer) */ - ZT_INLINE void send(const Context& ctx, const CallContext& cc, const void* data, unsigned int len, const SharedPtr& via) noexcept + ZT_INLINE void send( + const Context &ctx, const CallContext &cc, const void *data, unsigned int len, + const SharedPtr &via) noexcept { via->send(ctx, cc, data, len); sent(cc, len); @@ -180,12 +180,12 @@ class Peer { * @param data Data to send * @param len Length in bytes */ - void send(const Context& ctx, const CallContext& cc, const void* data, unsigned int len) noexcept; + void send(const Context &ctx, const CallContext &cc, const void *data, unsigned int len) noexcept; /** * Do ping, probes, re-keying, and keepalive with this peer, as needed. */ - void pulse(const Context& ctx, const CallContext& cc); + void pulse(const Context &ctx, const CallContext &cc); /** * Attempt to contact this peer at a given endpoint. @@ -196,7 +196,7 @@ class Peer { * @param ep Endpoint to attempt to contact * @param tries Number of times to try (default: 1) */ - void contact(const Context& ctx, const CallContext& cc, const Endpoint& ep, int tries = 1); + void contact(const Context &ctx, const CallContext &cc, const Endpoint &ep, int tries = 1); /** * Reset paths within a given IP scope and address family @@ -209,15 +209,12 @@ class Peer { * @param scope IP scope * @param inetAddressFamily Family e.g. AF_INET */ - void resetWithinScope(const Context& ctx, const CallContext& cc, InetAddress::IpScope scope, int inetAddressFamily); + void resetWithinScope(const Context &ctx, const CallContext &cc, InetAddress::IpScope scope, int inetAddressFamily); /** * @return Time of last receive of anything, whether direct or relayed */ - ZT_INLINE int64_t lastReceive() const noexcept - { - return m_lastReceive.load(std::memory_order_relaxed); - } + ZT_INLINE int64_t lastReceive() const noexcept { return m_lastReceive.load(std::memory_order_relaxed); } /** * @return Average latency of all direct paths or -1 if no direct paths or unknown @@ -250,41 +247,29 @@ class Peer { /** * @return The permanent shared key for this peer computed by simple identity agreement */ - ZT_INLINE SymmetricKey& identityKey() noexcept - { - return m_identityKey; - } + ZT_INLINE SymmetricKey &identityKey() noexcept { return m_identityKey; } /** * @return AES instance for HELLO dictionary / encrypted section encryption/decryption */ - ZT_INLINE const AES& identityHelloDictionaryEncryptionCipher() const noexcept - { - return m_helloCipher; - } + ZT_INLINE const AES &identityHelloDictionaryEncryptionCipher() const noexcept { return m_helloCipher; } /** * @return Key for HMAC on HELLOs */ - ZT_INLINE const uint8_t* identityHelloHmacKey() const noexcept - { - return m_helloMacKey; - } + ZT_INLINE const uint8_t *identityHelloHmacKey() const noexcept { return m_helloMacKey; } /** * @return Raw identity key bytes */ - ZT_INLINE const uint8_t* rawIdentityKey() const noexcept - { - return m_identityKey.key(); - } + ZT_INLINE const uint8_t *rawIdentityKey() const noexcept { return m_identityKey.key(); } /** * @return Current best key: either the latest ephemeral or the identity key */ - ZT_INLINE SymmetricKey& key() noexcept + ZT_INLINE SymmetricKey &key() noexcept { - return *reinterpret_cast(m_key.load(std::memory_order_relaxed)); + return *reinterpret_cast(m_key.load(std::memory_order_relaxed)); } /** @@ -298,14 +283,15 @@ class Peer { * @param notYetTried All keys known (long lived or session) other than alreadyTried * @return Number of pointers written to notYetTried[] */ - ZT_INLINE int getOtherKeys(const SymmetricKey* const alreadyTried, SymmetricKey* notYetTried[ZT_PEER_EPHEMERAL_KEY_COUNT_MAX]) noexcept + ZT_INLINE int getOtherKeys( + const SymmetricKey *const alreadyTried, SymmetricKey *notYetTried[ZT_PEER_EPHEMERAL_KEY_COUNT_MAX]) noexcept { RWMutex::RLock l(m_lock); int cnt = 0; if (alreadyTried != &m_identityKey) notYetTried[cnt++] = &m_identityKey; for (unsigned int k = 0; k < ZT_PEER_EPHEMERAL_KEY_BUFFER_SIZE; ++k) { - SymmetricKey* const kk = &m_ephemeralSessions[k].key; + SymmetricKey *const kk = &m_ephemeralSessions[k].key; if (m_ephemeralSessions[k].established && (alreadyTried != kk)) notYetTried[cnt++] = kk; } @@ -334,12 +320,13 @@ class Peer { * @param vmin Minor version * @param vrev Revision */ - ZT_INLINE void setRemoteVersion(unsigned int vproto, unsigned int vmaj, unsigned int vmin, unsigned int vrev) noexcept + ZT_INLINE void + setRemoteVersion(unsigned int vproto, unsigned int vmaj, unsigned int vmin, unsigned int vrev) noexcept { RWMutex::Lock l(m_lock); - m_vProto = (uint16_t)vproto; - m_vMajor = (uint16_t)vmaj; - m_vMinor = (uint16_t)vmin; + m_vProto = (uint16_t)vproto; + m_vMajor = (uint16_t)vmaj; + m_vMinor = (uint16_t)vmin; m_vRevision = (uint16_t)vrev; } @@ -355,7 +342,7 @@ class Peer { * @param vRevision Set to revision * @return True if remote version is known */ - ZT_INLINE bool remoteVersion(uint16_t& vProto, uint16_t& vMajor, uint16_t& vMinor, uint16_t& vRevision) + ZT_INLINE bool remoteVersion(uint16_t &vProto, uint16_t &vMajor, uint16_t &vMinor, uint16_t &vRevision) { RWMutex::RLock l(m_lock); return (((vProto = m_vProto) | (vMajor = m_vMajor) | (vMinor = m_vMinor) | (vRevision = m_vRevision)) != 0); @@ -375,7 +362,7 @@ class Peer { * * @param paths Vector of paths with the first path being the current preferred path */ - ZT_INLINE void getAllPaths(Vector >& paths) const + ZT_INLINE void getAllPaths(Vector> &paths) const { RWMutex::RLock l(m_lock); paths.assign(m_paths, m_paths + m_alivePathCount); @@ -384,20 +371,17 @@ class Peer { /** * Save the latest version of this peer to the data store */ - void save(const Context& ctx, const CallContext& cc) const; + void save(const Context &ctx, const CallContext &cc) const; - static constexpr int marshalSizeMax() noexcept - { - return ZT_PEER_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_PEER_MARSHAL_SIZE_MAX; } - int marshal(const Context& ctx, uint8_t data[ZT_PEER_MARSHAL_SIZE_MAX]) const noexcept; - int unmarshal(const Context& ctx, int64_t ticks, const uint8_t* restrict data, int len) noexcept; + int marshal(const Context &ctx, uint8_t data[ZT_PEER_MARSHAL_SIZE_MAX]) const noexcept; + int unmarshal(const Context &ctx, int64_t ticks, const uint8_t *restrict data, int len) noexcept; /** * Rate limit gate for inbound WHOIS requests */ - ZT_INLINE bool rateGateInboundWhoisRequest(CallContext& cc) noexcept + ZT_INLINE bool rateGateInboundWhoisRequest(CallContext &cc) noexcept { if ((cc.ticks - m_lastWhoisRequestReceived.load(std::memory_order_relaxed)) >= ZT_PEER_WHOIS_RATE_LIMIT) { m_lastWhoisRequestReceived.store(cc.ticks, std::memory_order_relaxed); @@ -409,7 +393,7 @@ class Peer { /** * Rate limit gate for inbound ECHO requests */ - ZT_INLINE bool rateGateEchoRequest(CallContext& cc) noexcept + ZT_INLINE bool rateGateEchoRequest(CallContext &cc) noexcept { if ((cc.ticks - m_lastEchoRequestReceived.load(std::memory_order_relaxed)) >= ZT_PEER_GENERAL_RATE_LIMIT) { m_lastEchoRequestReceived.store(cc.ticks, std::memory_order_relaxed); @@ -421,7 +405,7 @@ class Peer { /** * Rate limit gate for inbound probes */ - ZT_INLINE bool rateGateProbeRequest(CallContext& cc) noexcept + ZT_INLINE bool rateGateProbeRequest(CallContext &cc) noexcept { if ((cc.ticks - m_lastProbeReceived.load(std::memory_order_relaxed)) > ZT_PEER_PROBE_RESPONSE_RATE_LIMIT) { m_lastProbeReceived.store(cc.ticks, std::memory_order_relaxed); @@ -441,7 +425,9 @@ class Peer { */ ZT_INLINE bool deduplicateIncomingPacket(const uint64_t packetId) noexcept { - return m_dedup[Utils::hash32((uint32_t)packetId) & ZT_PEER_DEDUP_BUFFER_MASK].exchange(packetId, std::memory_order_relaxed) == packetId; + return m_dedup[Utils::hash32((uint32_t)packetId) & ZT_PEER_DEDUP_BUFFER_MASK].exchange( + packetId, std::memory_order_relaxed) + == packetId; } private: @@ -451,17 +437,14 @@ class Peer { uint8_t p384Public[ZT_ECC384_PUBLIC_KEY_SIZE]; }; - static_assert(sizeof(p_EphemeralPublic) == (1 + ZT_C25519_ECDH_PUBLIC_KEY_SIZE + ZT_ECC384_PUBLIC_KEY_SIZE), "p_EphemeralPublic has extra padding"); + static_assert( + sizeof(p_EphemeralPublic) == (1 + ZT_C25519_ECDH_PUBLIC_KEY_SIZE + ZT_ECC384_PUBLIC_KEY_SIZE), + "p_EphemeralPublic has extra padding"); struct p_EphemeralPrivate { - ZT_INLINE p_EphemeralPrivate() noexcept : creationTime(-1) - { - } + ZT_INLINE p_EphemeralPrivate() noexcept : creationTime(-1) {} - ZT_INLINE ~p_EphemeralPrivate() - { - Utils::burn(this, sizeof(p_EphemeralPublic)); - } + ZT_INLINE ~p_EphemeralPrivate() { Utils::burn(this, sizeof(p_EphemeralPublic)); } int64_t creationTime; uint64_t sha384OfPublic[6]; @@ -471,19 +454,20 @@ class Peer { }; struct p_EphemeralSession { - ZT_INLINE p_EphemeralSession() noexcept : established(false) - { - } + ZT_INLINE p_EphemeralSession() noexcept : established(false) {} uint64_t sha384OfPeerPublic[6]; SymmetricKey key; bool established; }; - void m_prioritizePaths(const CallContext& cc); - unsigned int m_sendProbe(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, const uint16_t* ports, unsigned int numPorts); + void m_prioritizePaths(const CallContext &cc); + unsigned int m_sendProbe( + const Context &ctx, const CallContext &cc, int64_t localSocket, const InetAddress &atAddress, + const uint16_t *ports, unsigned int numPorts); void m_deriveSecondaryIdentityKeys() noexcept; - unsigned int m_hello(const Context& ctx, const CallContext& cc, int64_t localSocket, const InetAddress& atAddress, bool forceNewKey); + unsigned int m_hello( + const Context &ctx, const CallContext &cc, int64_t localSocket, const InetAddress &atAddress, bool forceNewKey); // Guards all fields except those otherwise indicated (and atomics of course). RWMutex m_lock; @@ -552,13 +536,9 @@ class Peer { std::atomic __refCount; struct p_TryQueueItem { - ZT_INLINE p_TryQueueItem() : target(), iteration(0) - { - } + ZT_INLINE p_TryQueueItem() : target(), iteration(0) {} - ZT_INLINE p_TryQueueItem(const Endpoint& t, int iter) : target(t), iteration(iter) - { - } + ZT_INLINE p_TryQueueItem(const Endpoint &t, int iter) : target(t), iteration(iter) {} Endpoint target; int iteration; diff --git a/core/Poly1305.cpp b/core/Poly1305.cpp index 0dc8fb285..c59739b74 100644 --- a/core/Poly1305.cpp +++ b/core/Poly1305.cpp @@ -48,9 +48,9 @@ typedef struct poly1305_state_internal_t { unsigned char final; } poly1305_state_internal_t; -ZT_INLINE void poly1305_init(poly1305_context* ctx, const unsigned char key[32]) +ZT_INLINE void poly1305_init(poly1305_context *ctx, const unsigned char key[32]) { - poly1305_state_internal_t* st = (poly1305_state_internal_t*)ctx; + poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; unsigned long long t0, t1; /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ @@ -71,10 +71,10 @@ ZT_INLINE void poly1305_init(poly1305_context* ctx, const unsigned char key[32]) st->pad[1] = U8TO64(&key[24]); st->leftover = 0; - st->final = 0; + st->final = 0; } -void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size_t bytes) +void poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m, size_t bytes) { const unsigned long long hibit = (st->final) ? 0 : ((unsigned long long)1 << 40); /* 1 << 128 */ unsigned long long r0, r1, r2; @@ -123,15 +123,15 @@ void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size /* (partial) h %= p */ unsigned long long c = SHR(d0, 44); - h0 = LO(d0) & 0xfffffffffff; + h0 = LO(d0) & 0xfffffffffff; ADDLO(d1, c); - c = SHR(d1, 44); + c = SHR(d1, 44); h1 = LO(d1) & 0xfffffffffff; ADDLO(d2, c); - c = SHR(d2, 42); + c = SHR(d2, 42); h2 = LO(d2) & 0x3ffffffffff; h0 += c * 5; - c = (h0 >> 44); + c = (h0 >> 44); h0 = h0 & 0xfffffffffff; h1 += c; @@ -144,16 +144,16 @@ void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size st->h[2] = h2; } -ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) +ZT_INLINE void poly1305_finish(poly1305_context *ctx, unsigned char mac[16]) { - poly1305_state_internal_t* st = (poly1305_state_internal_t*)ctx; + poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; unsigned long long h0, h1, h2, c; unsigned long long g0, g1, g2; unsigned long long t0, t1; /* process the remaining block */ if (st->leftover) { - size_t i = st->leftover; + size_t i = st->leftover; st->buffer[i] = 1; for (i = i + 1; i < poly1305_block_size; i++) st->buffer[i] = 0; @@ -187,10 +187,10 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) /* compute h + -p */ g0 = h0 + 5; - c = (g0 >> 44); + c = (g0 >> 44); g0 &= 0xfffffffffff; g1 = h1 + c; - c = (g1 >> 44); + c = (g1 >> 44); g1 &= 0xfffffffffff; g2 = h2 + c - ((unsigned long long)1 << 42); @@ -199,7 +199,7 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) g0 &= c; g1 &= c; g2 &= c; - c = ~c; + c = ~c; h0 = (h0 & c) | g0; h1 = (h1 & c) | g1; h2 = (h2 & c) | g2; @@ -225,12 +225,12 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) U64TO8(&mac[8], h1); /* zero out the state */ - st->h[0] = 0; - st->h[1] = 0; - st->h[2] = 0; - st->r[0] = 0; - st->r[1] = 0; - st->r[2] = 0; + st->h[0] = 0; + st->h[1] = 0; + st->h[2] = 0; + st->r[0] = 0; + st->r[1] = 0; + st->r[2] = 0; st->pad[0] = 0; st->pad[1] = 0; } @@ -248,9 +248,9 @@ typedef struct poly1305_state_internal_t { unsigned char final; } poly1305_state_internal_t; -ZT_INLINE void poly1305_init(poly1305_context* ctx, const unsigned char key[32]) +ZT_INLINE void poly1305_init(poly1305_context *ctx, const unsigned char key[32]) { - poly1305_state_internal_t* st = (poly1305_state_internal_t*)ctx; + poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ st->r[0] = (U8TO32(&key[0])) & 0x3ffffff; @@ -273,10 +273,10 @@ ZT_INLINE void poly1305_init(poly1305_context* ctx, const unsigned char key[32]) st->pad[3] = U8TO32(&key[28]); st->leftover = 0; - st->final = 0; + st->final = 0; } -void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size_t bytes) +void poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m, size_t bytes) { const unsigned long hibit = (st->final) ? 0 : (1 << 24); /* 1 << 128 */ unsigned long r0, r1, r2, r3, r4; @@ -309,29 +309,39 @@ void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size h4 += (U8TO32(m + 12) >> 8) | hibit; /* h *= r */ - unsigned long long d0 = ((unsigned long long)h0 * r0) + ((unsigned long long)h1 * s4) + ((unsigned long long)h2 * s3) + ((unsigned long long)h3 * s2) + ((unsigned long long)h4 * s1); - unsigned long long d1 = ((unsigned long long)h0 * r1) + ((unsigned long long)h1 * r0) + ((unsigned long long)h2 * s4) + ((unsigned long long)h3 * s3) + ((unsigned long long)h4 * s2); - unsigned long long d2 = ((unsigned long long)h0 * r2) + ((unsigned long long)h1 * r1) + ((unsigned long long)h2 * r0) + ((unsigned long long)h3 * s4) + ((unsigned long long)h4 * s3); - unsigned long long d3 = ((unsigned long long)h0 * r3) + ((unsigned long long)h1 * r2) + ((unsigned long long)h2 * r1) + ((unsigned long long)h3 * r0) + ((unsigned long long)h4 * s4); - unsigned long long d4 = ((unsigned long long)h0 * r4) + ((unsigned long long)h1 * r3) + ((unsigned long long)h2 * r2) + ((unsigned long long)h3 * r1) + ((unsigned long long)h4 * r0); + unsigned long long d0 = ((unsigned long long)h0 * r0) + ((unsigned long long)h1 * s4) + + ((unsigned long long)h2 * s3) + ((unsigned long long)h3 * s2) + + ((unsigned long long)h4 * s1); + unsigned long long d1 = ((unsigned long long)h0 * r1) + ((unsigned long long)h1 * r0) + + ((unsigned long long)h2 * s4) + ((unsigned long long)h3 * s3) + + ((unsigned long long)h4 * s2); + unsigned long long d2 = ((unsigned long long)h0 * r2) + ((unsigned long long)h1 * r1) + + ((unsigned long long)h2 * r0) + ((unsigned long long)h3 * s4) + + ((unsigned long long)h4 * s3); + unsigned long long d3 = ((unsigned long long)h0 * r3) + ((unsigned long long)h1 * r2) + + ((unsigned long long)h2 * r1) + ((unsigned long long)h3 * r0) + + ((unsigned long long)h4 * s4); + unsigned long long d4 = ((unsigned long long)h0 * r4) + ((unsigned long long)h1 * r3) + + ((unsigned long long)h2 * r2) + ((unsigned long long)h3 * r1) + + ((unsigned long long)h4 * r0); /* (partial) h %= p */ unsigned long c = (unsigned long)(d0 >> 26); - h0 = (unsigned long)d0 & 0x3ffffff; + h0 = (unsigned long)d0 & 0x3ffffff; d1 += c; - c = (unsigned long)(d1 >> 26); + c = (unsigned long)(d1 >> 26); h1 = (unsigned long)d1 & 0x3ffffff; d2 += c; - c = (unsigned long)(d2 >> 26); + c = (unsigned long)(d2 >> 26); h2 = (unsigned long)d2 & 0x3ffffff; d3 += c; - c = (unsigned long)(d3 >> 26); + c = (unsigned long)(d3 >> 26); h3 = (unsigned long)d3 & 0x3ffffff; d4 += c; - c = (unsigned long)(d4 >> 26); + c = (unsigned long)(d4 >> 26); h4 = (unsigned long)d4 & 0x3ffffff; h0 += c * 5; - c = (h0 >> 26); + c = (h0 >> 26); h0 = h0 & 0x3ffffff; h1 += c; @@ -346,9 +356,9 @@ void poly1305_blocks(poly1305_state_internal_t* st, const unsigned char* m, size st->h[4] = h4; } -ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) +ZT_INLINE void poly1305_finish(poly1305_context *ctx, unsigned char mac[16]) { - poly1305_state_internal_t* st = (poly1305_state_internal_t*)ctx; + poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; unsigned long h0, h1, h2, h3, h4, c; unsigned long g0, g1, g2, g3, g4; unsigned long long f; @@ -356,7 +366,7 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) /* process the remaining block */ if (st->leftover) { - size_t i = st->leftover; + size_t i = st->leftover; st->buffer[i++] = 1; for (; i < poly1305_block_size; i++) st->buffer[i] = 0; @@ -371,34 +381,34 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) h3 = st->h[3]; h4 = st->h[4]; - c = h1 >> 26; + c = h1 >> 26; h1 = h1 & 0x3ffffff; h2 += c; - c = h2 >> 26; + c = h2 >> 26; h2 = h2 & 0x3ffffff; h3 += c; - c = h3 >> 26; + c = h3 >> 26; h3 = h3 & 0x3ffffff; h4 += c; - c = h4 >> 26; + c = h4 >> 26; h4 = h4 & 0x3ffffff; h0 += c * 5; - c = h0 >> 26; + c = h0 >> 26; h0 = h0 & 0x3ffffff; h1 += c; /* compute h + -p */ g0 = h0 + 5; - c = g0 >> 26; + c = g0 >> 26; g0 &= 0x3ffffff; g1 = h1 + c; - c = g1 >> 26; + c = g1 >> 26; g1 &= 0x3ffffff; g2 = h2 + c; - c = g2 >> 26; + c = g2 >> 26; g2 &= 0x3ffffff; g3 = h3 + c; - c = g3 >> 26; + c = g3 >> 26; g3 &= 0x3ffffff; g4 = h4 + c - (1 << 26); @@ -410,11 +420,11 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) g3 &= mask; g4 &= mask; mask = ~mask; - h0 = (h0 & mask) | g0; - h1 = (h1 & mask) | g1; - h2 = (h2 & mask) | g2; - h3 = (h3 & mask) | g3; - h4 = (h4 & mask) | g4; + h0 = (h0 & mask) | g0; + h1 = (h1 & mask) | g1; + h2 = (h2 & mask) | g2; + h3 = (h3 & mask) | g3; + h4 = (h4 & mask) | g4; /* h = h % (2^128) */ h0 = ((h0) | (h1 << 26)) & 0xffffffff; @@ -423,13 +433,13 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) h3 = ((h3 >> 18) | (h4 << 8)) & 0xffffffff; /* mac = (h + pad) % (2^128) */ - f = (unsigned long long)h0 + st->pad[0]; + f = (unsigned long long)h0 + st->pad[0]; h0 = (unsigned long)f; - f = (unsigned long long)h1 + st->pad[1] + (f >> 32); + f = (unsigned long long)h1 + st->pad[1] + (f >> 32); h1 = (unsigned long)f; - f = (unsigned long long)h2 + st->pad[2] + (f >> 32); + f = (unsigned long long)h2 + st->pad[2] + (f >> 32); h2 = (unsigned long)f; - f = (unsigned long long)h3 + st->pad[3] + (f >> 32); + f = (unsigned long long)h3 + st->pad[3] + (f >> 32); h3 = (unsigned long)f; U32TO8(mac + 0, h0); @@ -438,16 +448,16 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) U32TO8(mac + 12, h3); /* zero out the state */ - st->h[0] = 0; - st->h[1] = 0; - st->h[2] = 0; - st->h[3] = 0; - st->h[4] = 0; - st->r[0] = 0; - st->r[1] = 0; - st->r[2] = 0; - st->r[3] = 0; - st->r[4] = 0; + st->h[0] = 0; + st->h[1] = 0; + st->h[2] = 0; + st->h[3] = 0; + st->h[4] = 0; + st->r[0] = 0; + st->r[1] = 0; + st->r[2] = 0; + st->r[3] = 0; + st->r[4] = 0; st->pad[0] = 0; st->pad[1] = 0; st->pad[2] = 0; @@ -456,9 +466,9 @@ ZT_INLINE void poly1305_finish(poly1305_context* ctx, unsigned char mac[16]) #endif // uint128_t or portable version? -ZT_INLINE void poly1305_update(poly1305_context* ctx, const unsigned char* m, size_t bytes) noexcept +ZT_INLINE void poly1305_update(poly1305_context *ctx, const unsigned char *m, size_t bytes) noexcept { - poly1305_state_internal_t* st = (poly1305_state_internal_t*)ctx; + poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; size_t i; /* handle leftover */ @@ -495,20 +505,21 @@ ZT_INLINE void poly1305_update(poly1305_context* ctx, const unsigned char* m, si } // anonymous namespace -void Poly1305::init(const void* key) noexcept +void Poly1305::init(const void *key) noexcept { static_assert(sizeof(ctx) >= sizeof(poly1305_context), "buffer in class smaller than required structure size"); - poly1305_init(reinterpret_cast(&ctx), reinterpret_cast(key)); + poly1305_init(reinterpret_cast(&ctx), reinterpret_cast(key)); } -void Poly1305::update(const void* data, unsigned int len) noexcept +void Poly1305::update(const void *data, unsigned int len) noexcept { - poly1305_update(reinterpret_cast(&ctx), reinterpret_cast(data), (size_t)len); + poly1305_update( + reinterpret_cast(&ctx), reinterpret_cast(data), (size_t)len); } -void Poly1305::finish(void* auth) noexcept +void Poly1305::finish(void *auth) noexcept { - poly1305_finish(reinterpret_cast(&ctx), reinterpret_cast(auth)); + poly1305_finish(reinterpret_cast(&ctx), reinterpret_cast(auth)); } } // namespace ZeroTier diff --git a/core/Poly1305.hpp b/core/Poly1305.hpp index 47627d101..7ce05bd88 100644 --- a/core/Poly1305.hpp +++ b/core/Poly1305.hpp @@ -26,20 +26,16 @@ namespace ZeroTier { */ class Poly1305 { public: - ZT_INLINE Poly1305() - { - } + ZT_INLINE Poly1305() {} - ZT_INLINE Poly1305(const void* key) - { - this->init(key); - } + ZT_INLINE Poly1305(const void *key) { this->init(key); } - void init(const void* key) noexcept; - void update(const void* data, unsigned int len) noexcept; - void finish(void* auth) noexcept; + void init(const void *key) noexcept; + void update(const void *data, unsigned int len) noexcept; + void finish(void *auth) noexcept; - static ZT_INLINE void compute(void* const auth, const void* const data, const unsigned int len, const void* const key) noexcept + static ZT_INLINE void + compute(void *const auth, const void *const data, const unsigned int len, const void *const key) noexcept { Poly1305 p(key); p.update(data, len); diff --git a/core/Protocol.hpp b/core/Protocol.hpp index 497f0f1ed..2e775fbed 100644 --- a/core/Protocol.hpp +++ b/core/Protocol.hpp @@ -253,7 +253,9 @@ #define ZT_PROTO_HELLO_NODE_META_EPHEMERAL_ACK "E" static_assert(ZT_PROTO_MAX_PACKET_LENGTH < ZT_BUF_MEM_SIZE, "maximum packet length won't fit in Buf"); -static_assert(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START == (ZT_PROTO_MIN_PACKET_LENGTH - 1), "encrypted packet section must start right before protocol verb at one less than minimum packet size"); +static_assert( + ZT_PROTO_PACKET_ENCRYPTED_SECTION_START == (ZT_PROTO_MIN_PACKET_LENGTH - 1), + "encrypted packet section must start right before protocol verb at one less than minimum packet size"); namespace ZeroTier { namespace Protocol { @@ -684,49 +686,29 @@ enum Verb { #ifdef ZT_DEBUG_SPEW -static ZT_INLINE const char* verbName(const Verb v) noexcept +static ZT_INLINE const char *verbName(const Verb v) noexcept { switch (v) { - case VERB_NOP: - return "NOP"; - case VERB_HELLO: - return "HELLO"; - case VERB_ERROR: - return "ERROR"; - case VERB_OK: - return "OK"; - case VERB_WHOIS: - return "WHOIS"; - case VERB_RENDEZVOUS: - return "RENDEZVOUS"; - case VERB_FRAME: - return "FRAME"; - case VERB_EXT_FRAME: - return "EXT_FRAME"; - case VERB_ECHO: - return "ECHO"; - case VERB_MULTICAST_LIKE: - return "MULTICAST_LIKE"; - case VERB_NETWORK_CREDENTIALS: - return "NETWORK_CREDENTIALS"; - case VERB_NETWORK_CONFIG_REQUEST: - return "NETWORK_CONFIG_REQUEST"; - case VERB_NETWORK_CONFIG: - return "NETWORK_CONFIG"; - case VERB_MULTICAST_GATHER: - return "MULTICAST_GATHER"; - case VERB_MULTICAST_FRAME_deprecated: - return "MULTICAST_FRAME_deprecated"; - case VERB_PUSH_DIRECT_PATHS: - return "PUSH_DIRECT_PATHS"; - case VERB_USER_MESSAGE: - return "USER_MESSAGE"; - case VERB_MULTICAST: - return "MULTICAST"; - case VERB_ENCAP: - return "ENCAP"; - default: - return "(unknown)"; + case VERB_NOP: return "NOP"; + case VERB_HELLO: return "HELLO"; + case VERB_ERROR: return "ERROR"; + case VERB_OK: return "OK"; + case VERB_WHOIS: return "WHOIS"; + case VERB_RENDEZVOUS: return "RENDEZVOUS"; + case VERB_FRAME: return "FRAME"; + case VERB_EXT_FRAME: return "EXT_FRAME"; + case VERB_ECHO: return "ECHO"; + case VERB_MULTICAST_LIKE: return "MULTICAST_LIKE"; + case VERB_NETWORK_CREDENTIALS: return "NETWORK_CREDENTIALS"; + case VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST"; + case VERB_NETWORK_CONFIG: return "NETWORK_CONFIG"; + case VERB_MULTICAST_GATHER: return "MULTICAST_GATHER"; + case VERB_MULTICAST_FRAME_deprecated: return "MULTICAST_FRAME_deprecated"; + case VERB_PUSH_DIRECT_PATHS: return "PUSH_DIRECT_PATHS"; + case VERB_USER_MESSAGE: return "USER_MESSAGE"; + case VERB_MULTICAST: return "MULTICAST"; + case VERB_ENCAP: return "ENCAP"; + default: return "(unknown)"; } } @@ -765,13 +747,13 @@ enum ErrorCode { * by a special tee or redirect type flow rule. */ enum ExtFrameSubtype { - EXT_FRAME_SUBTYPE_NORMAL = 0x0, - EXT_FRAME_SUBTYPE_TEE_OUTBOUND = 0x1, + EXT_FRAME_SUBTYPE_NORMAL = 0x0, + EXT_FRAME_SUBTYPE_TEE_OUTBOUND = 0x1, EXT_FRAME_SUBTYPE_REDIRECT_OUTBOUND = 0x2, - EXT_FRAME_SUBTYPE_WATCH_OUTBOUND = 0x3, - EXT_FRAME_SUBTYPE_TEE_INBOUND = 0x4, - EXT_FRAME_SUBTYPE_REDIRECT_INBOUND = 0x5, - EXT_FRAME_SUBTYPE_WATCH_INBOUND = 0x6 + EXT_FRAME_SUBTYPE_WATCH_OUTBOUND = 0x3, + EXT_FRAME_SUBTYPE_TEE_INBOUND = 0x4, + EXT_FRAME_SUBTYPE_REDIRECT_INBOUND = 0x5, + EXT_FRAME_SUBTYPE_WATCH_INBOUND = 0x6 }; /** @@ -811,7 +793,8 @@ enum NetworkConfigFlag { * @param in Input key (32 bytes) * @param out Output buffer (32 bytes) */ -static ZT_INLINE void salsa2012DeriveKey(const uint8_t* const in, uint8_t* const out, const Buf& packet, const unsigned int packetSize) noexcept +static ZT_INLINE void salsa2012DeriveKey( + const uint8_t *const in, uint8_t *const out, const Buf &packet, const unsigned int packetSize) noexcept { // IV and source/destination addresses. Using the addresses divides the // key space into two halves-- A->B and B->A (since order will change). @@ -819,9 +802,12 @@ static ZT_INLINE void salsa2012DeriveKey(const uint8_t* const in, uint8_t* const for (int i = 0; i < 18; ++i) out[i] = in[i] ^ packet.unsafeData[i]; #else - *reinterpret_cast(out) = *reinterpret_cast(in) ^ *reinterpret_cast(packet.unsafeData); - *reinterpret_cast(out + 8) = *reinterpret_cast(in + 8) ^ *reinterpret_cast(packet.unsafeData + 8); - *reinterpret_cast(out + 16) = *reinterpret_cast(in + 16) ^ *reinterpret_cast(packet.unsafeData + 16); + *reinterpret_cast(out) = + *reinterpret_cast(in) ^ *reinterpret_cast(packet.unsafeData); + *reinterpret_cast(out + 8) = + *reinterpret_cast(in + 8) ^ *reinterpret_cast(packet.unsafeData + 8); + *reinterpret_cast(out + 16) = + *reinterpret_cast(in + 16) ^ *reinterpret_cast(packet.unsafeData + 16); #endif // Flags, but with hop count masked off. Hop count is altered by forwarding @@ -837,10 +823,10 @@ static ZT_INLINE void salsa2012DeriveKey(const uint8_t* const in, uint8_t* const for (int i = 21; i < 32; ++i) out[i] = in[i]; #else - out[21] = in[21]; - out[22] = in[22]; - out[23] = in[23]; - *reinterpret_cast(out + 24) = *reinterpret_cast(in + 24); + out[21] = in[21]; + out[22] = in[22]; + out[23] = in[23]; + *reinterpret_cast(out + 24) = *reinterpret_cast(in + 24); #endif } @@ -854,7 +840,8 @@ static ZT_INLINE void salsa2012DeriveKey(const uint8_t* const in, uint8_t* const * @param verb Protocol verb * @return Index of packet start */ -static ZT_INLINE int newPacket(uint8_t pkt[28], const uint64_t packetId, const Address destination, const Address source, const Verb verb) noexcept +static ZT_INLINE int newPacket( + uint8_t pkt[28], const uint64_t packetId, const Address destination, const Address source, const Verb verb) noexcept { Utils::storeMachineEndian(pkt + ZT_PROTO_PACKET_ID_INDEX, packetId); destination.copyTo(pkt + ZT_PROTO_PACKET_DESTINATION_INDEX); @@ -865,7 +852,8 @@ static ZT_INLINE int newPacket(uint8_t pkt[28], const uint64_t packetId, const A return ZT_PROTO_PACKET_VERB_INDEX + 1; } -static ZT_INLINE int newPacket(Buf& pkt, const uint64_t packetId, const Address destination, const Address source, const Verb verb) noexcept +static ZT_INLINE int +newPacket(Buf &pkt, const uint64_t packetId, const Address destination, const Address source, const Verb verb) noexcept { return newPacket(pkt.unsafeData, packetId, destination, source, verb); } @@ -879,7 +867,8 @@ static ZT_INLINE int newPacket(Buf& pkt, const uint64_t packetId, const Address * @param cipherSuite Cipher suite to use for AEAD encryption or just MAC * @return Packet ID of packet (which may change!) */ -static ZT_INLINE uint64_t armor(uint8_t* const pkt, const int packetSize, const SymmetricKey& key, const uint8_t cipherSuite) noexcept +static ZT_INLINE uint64_t +armor(uint8_t *const pkt, const int packetSize, const SymmetricKey &key, const uint8_t cipherSuite) noexcept { // TODO #if 0 @@ -937,7 +926,7 @@ static ZT_INLINE uint64_t armor(uint8_t* const pkt, const int packetSize, const * @param packetSize Total size of packet in bytes (including headers) * @return New size of packet after compression or original size of compression wasn't helpful */ -static ZT_INLINE int compress(Buf& pkt, int packetSize) noexcept +static ZT_INLINE int compress(Buf &pkt, int packetSize) noexcept { // TODO return packetSize; diff --git a/core/RevocationCredential.cpp b/core/RevocationCredential.cpp index bc778b798..2ae49d0d4 100644 --- a/core/RevocationCredential.cpp +++ b/core/RevocationCredential.cpp @@ -15,11 +15,11 @@ namespace ZeroTier { -bool RevocationCredential::sign(const Identity& signer) noexcept +bool RevocationCredential::sign(const Identity &signer) noexcept { uint8_t buf[ZT_REVOCATION_MARSHAL_SIZE_MAX + 32]; if (signer.hasPrivate()) { - m_signedBy = signer.address(); + m_signedBy = signer.address(); m_signatureLength = signer.sign(buf, (unsigned int)marshal(buf, true), m_signature, sizeof(m_signature)); return true; } @@ -46,7 +46,7 @@ int RevocationCredential::marshal(uint8_t data[ZT_REVOCATION_MARSHAL_SIZE_MAX], m_signedBy.copyTo(data + p); p += ZT_ADDRESS_LENGTH; data[p++] = (uint8_t)m_type; - if (! forSign) { + if (!forSign) { data[p++] = 1; Utils::storeBigEndian(data + p, (uint16_t)m_signatureLength); Utils::copy(data + p, m_signature, m_signatureLength); @@ -61,23 +61,23 @@ int RevocationCredential::marshal(uint8_t data[ZT_REVOCATION_MARSHAL_SIZE_MAX], return p; } -int RevocationCredential::unmarshal(const uint8_t* restrict data, const int len) noexcept +int RevocationCredential::unmarshal(const uint8_t *restrict data, const int len) noexcept { if (len < 54) return -1; // 4 bytes reserved - m_id = Utils::loadBigEndian(data + 4); + m_id = Utils::loadBigEndian(data + 4); m_networkId = Utils::loadBigEndian(data + 8); // 4 bytes reserved m_credentialId = Utils::loadBigEndian(data + 20); - m_threshold = (int64_t)Utils::loadBigEndian(data + 24); - m_flags = Utils::loadBigEndian(data + 32); + m_threshold = (int64_t)Utils::loadBigEndian(data + 24); + m_flags = Utils::loadBigEndian(data + 32); m_target.setTo(data + 40); m_signedBy.setTo(data + 45); m_type = (ZT_CredentialType)data[50]; // 1 byte reserved m_signatureLength = Utils::loadBigEndian(data + 52); - int p = 54 + (int)m_signatureLength; + int p = 54 + (int)m_signatureLength; if ((m_signatureLength > ZT_SIGNATURE_BUFFER_SIZE) || (p > len)) return -1; Utils::copy(m_signature, data + 54, m_signatureLength); diff --git a/core/RevocationCredential.hpp b/core/RevocationCredential.hpp index 545878f5f..c11eaf9da 100644 --- a/core/RevocationCredential.hpp +++ b/core/RevocationCredential.hpp @@ -39,15 +39,9 @@ class RevocationCredential : public Credential { friend class Credential; public: - static constexpr ZT_CredentialType credentialType() noexcept - { - return ZT_CREDENTIAL_TYPE_REVOCATION; - } + static constexpr ZT_CredentialType credentialType() noexcept { return ZT_CREDENTIAL_TYPE_REVOCATION; } - ZT_INLINE RevocationCredential() noexcept - { - memoryZero(this); - } + ZT_INLINE RevocationCredential() noexcept { memoryZero(this); } /** * @param i ID (arbitrary for revocations, currently random) @@ -59,15 +53,11 @@ class RevocationCredential : public Credential { * @param ct Credential type being revoked */ ZT_INLINE RevocationCredential( - const uint32_t i, - const uint64_t nwid, - const uint32_t cid, - const uint64_t thr, - const uint64_t fl, - const Address& tgt, + const uint32_t i, const uint64_t nwid, const uint32_t cid, const uint64_t thr, const uint64_t fl, + const Address &tgt, const ZT_CredentialType ct) noexcept : // NOLINT(cppcoreguidelines-pro-type-member-init,hicpp-member-init) - m_id(i) + m_id(i) , m_credentialId(cid) , m_networkId(nwid) , m_threshold(thr) @@ -79,61 +69,31 @@ class RevocationCredential : public Credential { { } - ZT_INLINE uint32_t id() const noexcept - { - return m_id; - } + ZT_INLINE uint32_t id() const noexcept { return m_id; } - ZT_INLINE uint32_t credentialId() const noexcept - { - return m_credentialId; - } + ZT_INLINE uint32_t credentialId() const noexcept { return m_credentialId; } - ZT_INLINE uint64_t networkId() const noexcept - { - return m_networkId; - } + ZT_INLINE uint64_t networkId() const noexcept { return m_networkId; } - ZT_INLINE int64_t threshold() const noexcept - { - return m_threshold; - } + ZT_INLINE int64_t threshold() const noexcept { return m_threshold; } - ZT_INLINE const Address& target() const noexcept - { - return m_target; - } + ZT_INLINE const Address &target() const noexcept { return m_target; } - ZT_INLINE const Address& signer() const noexcept - { - return m_signedBy; - } + ZT_INLINE const Address &signer() const noexcept { return m_signedBy; } - ZT_INLINE ZT_CredentialType typeBeingRevoked() const noexcept - { - return m_type; - } + ZT_INLINE ZT_CredentialType typeBeingRevoked() const noexcept { return m_type; } - ZT_INLINE const uint8_t* signature() const noexcept - { - return m_signature; - } + ZT_INLINE const uint8_t *signature() const noexcept { return m_signature; } - ZT_INLINE unsigned int signatureLength() const noexcept - { - return m_signatureLength; - } + ZT_INLINE unsigned int signatureLength() const noexcept { return m_signatureLength; } - ZT_INLINE bool fastPropagate() const noexcept - { - return ((m_flags & ZT_REVOCATION_FLAG_FAST_PROPAGATE) != 0); - } + ZT_INLINE bool fastPropagate() const noexcept { return ((m_flags & ZT_REVOCATION_FLAG_FAST_PROPAGATE) != 0); } /** * @param signer Signing identity, must have private key * @return True if signature was successful */ - bool sign(const Identity& signer) noexcept; + bool sign(const Identity &signer) noexcept; /** * Verify this revocation's signature @@ -141,18 +101,15 @@ class RevocationCredential : public Credential { * @param RR Runtime environment to provide for peer lookup, etc. * @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call */ - ZT_INLINE Credential::VerifyResult verify(const Context& ctx, const CallContext& cc) const noexcept + ZT_INLINE Credential::VerifyResult verify(const Context &ctx, const CallContext &cc) const noexcept { return s_verify(ctx, cc, *this); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_REVOCATION_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_REVOCATION_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_REVOCATION_MARSHAL_SIZE_MAX], bool forSign = false) const noexcept; - int unmarshal(const uint8_t* restrict data, int len) noexcept; + int unmarshal(const uint8_t *restrict data, int len) noexcept; private: uint32_t m_id; diff --git a/core/SHA512.cpp b/core/SHA512.cpp index b839cfe62..ccddf6fcc 100644 --- a/core/SHA512.cpp +++ b/core/SHA512.cpp @@ -16,15 +16,24 @@ struct sha512_state { uint8_t buf[128]; }; -static const uint64_t K[80] = { 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, - 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, - 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, - 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, - 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, - 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, - 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL }; +static const uint64_t K[80] = { + 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, + 0x59f111f1b605d019ULL, 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, + 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, + 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, + 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, 0x983e5152ee66dfabULL, + 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, + 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, + 0x53380d139d95b3dfULL, 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, + 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, + 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, + 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, 0x5b9cca4f7763e373ULL, + 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, + 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, 0xca273eceea26619cULL, + 0xd186b8c721c0c207ULL, 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, + 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, + 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL +}; #define STORE64H(x, y) Utils::storeBigEndian(y, x) #define LOAD64H(x, y) x = Utils::loadBigEndian(y) @@ -39,7 +48,7 @@ static const uint64_t K[80] = { 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0x #define Gamma0(x) (S(x, 1) ^ S(x, 8) ^ R(x, 7)) #define Gamma1(x) (S(x, 19) ^ S(x, 61) ^ R(x, 6)) -static ZT_INLINE void sha512_compress(sha512_state* const md, uint8_t* const buf) +static ZT_INLINE void sha512_compress(sha512_state *const md, uint8_t *const buf) { uint64_t S[8], W[80], t0, t1; int i; @@ -51,10 +60,10 @@ static ZT_INLINE void sha512_compress(sha512_state* const md, uint8_t* const buf for (i = 16; i < 80; i++) W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16]; -#define RND(a, b, c, d, e, f, g, h, i) \ - t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ - t1 = Sigma0(a) + Maj(a, b, c); \ - d += t0; \ +#define RND(a, b, c, d, e, f, g, h, i) \ + t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ + t1 = Sigma0(a) + Maj(a, b, c); \ + d += t0; \ h = t0 + t1; for (i = 0; i < 80; i += 8) { @@ -72,10 +81,10 @@ static ZT_INLINE void sha512_compress(sha512_state* const md, uint8_t* const buf md->state[i] = md->state[i] + S[i]; } -static ZT_INLINE void sha384_init(sha512_state* const md) +static ZT_INLINE void sha384_init(sha512_state *const md) { - md->curlen = 0; - md->length = 0; + md->curlen = 0; + md->length = 0; md->state[0] = 0xcbbb9d5dc1059ed8ULL; md->state[1] = 0x629a292a367cd507ULL; md->state[2] = 0x9159015a3070dd17ULL; @@ -86,10 +95,10 @@ static ZT_INLINE void sha384_init(sha512_state* const md) md->state[7] = 0x47b5481dbefa4fa4ULL; } -static ZT_INLINE void sha512_init(sha512_state* const md) +static ZT_INLINE void sha512_init(sha512_state *const md) { - md->curlen = 0; - md->length = 0; + md->curlen = 0; + md->length = 0; md->state[0] = 0x6a09e667f3bcc908ULL; md->state[1] = 0xbb67ae8584caa73bULL; md->state[2] = 0x3c6ef372fe94f82bULL; @@ -100,11 +109,11 @@ static ZT_INLINE void sha512_init(sha512_state* const md) md->state[7] = 0x5be0cd19137e2179ULL; } -static void sha512_process(sha512_state* const md, const uint8_t* in, unsigned long inlen) +static void sha512_process(sha512_state *const md, const uint8_t *in, unsigned long inlen) { while (inlen > 0) { if (md->curlen == 0 && inlen >= 128) { - sha512_compress(md, (uint8_t*)in); + sha512_compress(md, (uint8_t *)in); md->length += 128 * 8; in += 128; inlen -= 128; @@ -124,7 +133,7 @@ static void sha512_process(sha512_state* const md, const uint8_t* in, unsigned l } } -static ZT_INLINE void sha512_done(sha512_state* const md, uint8_t* out) +static ZT_INLINE void sha512_done(sha512_state *const md, uint8_t *out) { int i; @@ -153,38 +162,38 @@ static ZT_INLINE void sha512_done(sha512_state* const md, uint8_t* out) } // anonymous namespace -void SHA512(void* digest, const void* data, unsigned int len) +void SHA512(void *digest, const void *data, unsigned int len) { sha512_state state; sha512_init(&state); - sha512_process(&state, (uint8_t*)data, (unsigned long)len); - sha512_done(&state, (uint8_t*)digest); + sha512_process(&state, (uint8_t *)data, (unsigned long)len); + sha512_done(&state, (uint8_t *)digest); } -void SHA384(void* digest, const void* data, unsigned int len) +void SHA384(void *digest, const void *data, unsigned int len) { uint8_t tmp[64]; sha512_state state; sha384_init(&state); - sha512_process(&state, (uint8_t*)data, (unsigned long)len); + sha512_process(&state, (uint8_t *)data, (unsigned long)len); sha512_done(&state, tmp); Utils::copy<48>(digest, tmp); } -void SHA384(void* digest, const void* data0, unsigned int len0, const void* data1, unsigned int len1) +void SHA384(void *digest, const void *data0, unsigned int len0, const void *data1, unsigned int len1) { uint8_t tmp[64]; sha512_state state; sha384_init(&state); - sha512_process(&state, (uint8_t*)data0, (unsigned long)len0); - sha512_process(&state, (uint8_t*)data1, (unsigned long)len1); + sha512_process(&state, (uint8_t *)data0, (unsigned long)len0); + sha512_process(&state, (uint8_t *)data1, (unsigned long)len1); sha512_done(&state, tmp); Utils::copy<48>(digest, tmp); } #endif // !ZT_HAVE_NATIVE_SHA512 -void HMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const void* msg, const unsigned int msglen, uint8_t mac[48]) +void HMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const void *msg, const unsigned int msglen, uint8_t mac[48]) { uint64_t kInPadded[16]; // input padded key uint64_t outer[22]; // output padded key | H(input padded key | msg) @@ -197,47 +206,49 @@ void HMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const void* msg, const const uint64_t k5 = Utils::loadMachineEndian(key + 40); const uint64_t ipad = 0x3636363636363636ULL; - kInPadded[0] = k0 ^ ipad; - kInPadded[1] = k1 ^ ipad; - kInPadded[2] = k2 ^ ipad; - kInPadded[3] = k3 ^ ipad; - kInPadded[4] = k4 ^ ipad; - kInPadded[5] = k5 ^ ipad; - kInPadded[6] = ipad; - kInPadded[7] = ipad; - kInPadded[8] = ipad; - kInPadded[9] = ipad; - kInPadded[10] = ipad; - kInPadded[11] = ipad; - kInPadded[12] = ipad; - kInPadded[13] = ipad; - kInPadded[14] = ipad; - kInPadded[15] = ipad; + kInPadded[0] = k0 ^ ipad; + kInPadded[1] = k1 ^ ipad; + kInPadded[2] = k2 ^ ipad; + kInPadded[3] = k3 ^ ipad; + kInPadded[4] = k4 ^ ipad; + kInPadded[5] = k5 ^ ipad; + kInPadded[6] = ipad; + kInPadded[7] = ipad; + kInPadded[8] = ipad; + kInPadded[9] = ipad; + kInPadded[10] = ipad; + kInPadded[11] = ipad; + kInPadded[12] = ipad; + kInPadded[13] = ipad; + kInPadded[14] = ipad; + kInPadded[15] = ipad; const uint64_t opad = 0x5c5c5c5c5c5c5c5cULL; - outer[0] = k0 ^ opad; - outer[1] = k1 ^ opad; - outer[2] = k2 ^ opad; - outer[3] = k3 ^ opad; - outer[4] = k4 ^ opad; - outer[5] = k5 ^ opad; - outer[6] = opad; - outer[7] = opad; - outer[8] = opad; - outer[9] = opad; - outer[10] = opad; - outer[11] = opad; - outer[12] = opad; - outer[13] = opad; - outer[14] = opad; - outer[15] = opad; + outer[0] = k0 ^ opad; + outer[1] = k1 ^ opad; + outer[2] = k2 ^ opad; + outer[3] = k3 ^ opad; + outer[4] = k4 ^ opad; + outer[5] = k5 ^ opad; + outer[6] = opad; + outer[7] = opad; + outer[8] = opad; + outer[9] = opad; + outer[10] = opad; + outer[11] = opad; + outer[12] = opad; + outer[13] = opad; + outer[14] = opad; + outer[15] = opad; // H(output padded key | H(input padded key | msg)) - SHA384(reinterpret_cast(outer) + 128, kInPadded, 128, msg, msglen); + SHA384(reinterpret_cast(outer) + 128, kInPadded, 128, msg, msglen); SHA384(mac, outer, 176); } -void KBKDFHMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const char label, const char context, const uint32_t iter, uint8_t out[ZT_SYMMETRIC_KEY_SIZE]) +void KBKDFHMACSHA384( + const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const char label, const char context, const uint32_t iter, + uint8_t out[ZT_SYMMETRIC_KEY_SIZE]) { uint8_t kbkdfMsg[13]; @@ -251,7 +262,7 @@ void KBKDFHMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const char label, kbkdfMsg[8] = (uint8_t)context; // Output key length: 384 bits (as 32-bit big-endian value) - kbkdfMsg[9] = 0; + kbkdfMsg[9] = 0; kbkdfMsg[10] = 0; kbkdfMsg[11] = 0x01; kbkdfMsg[12] = 0x80; diff --git a/core/SHA512.hpp b/core/SHA512.hpp index f4a30cf12..97b517cd7 100644 --- a/core/SHA512.hpp +++ b/core/SHA512.hpp @@ -32,34 +32,34 @@ namespace ZeroTier { // SHA384 and SHA512 are actually in the standard libraries on MacOS and iOS #ifdef __APPLE__ #define ZT_HAVE_NATIVE_SHA512 1 -static ZT_INLINE void SHA512(void* digest, const void* data, unsigned int len) +static ZT_INLINE void SHA512(void *digest, const void *data, unsigned int len) { CC_SHA512_CTX ctx; CC_SHA512_Init(&ctx); CC_SHA512_Update(&ctx, data, len); - CC_SHA512_Final(reinterpret_cast(digest), &ctx); + CC_SHA512_Final(reinterpret_cast(digest), &ctx); } -static ZT_INLINE void SHA384(void* digest, const void* data, unsigned int len) +static ZT_INLINE void SHA384(void *digest, const void *data, unsigned int len) { CC_SHA512_CTX ctx; CC_SHA384_Init(&ctx); CC_SHA384_Update(&ctx, data, len); - CC_SHA384_Final(reinterpret_cast(digest), &ctx); + CC_SHA384_Final(reinterpret_cast(digest), &ctx); } -static ZT_INLINE void SHA384(void* digest, const void* data0, unsigned int len0, const void* data1, unsigned int len1) +static ZT_INLINE void SHA384(void *digest, const void *data0, unsigned int len0, const void *data1, unsigned int len1) { CC_SHA512_CTX ctx; CC_SHA384_Init(&ctx); CC_SHA384_Update(&ctx, data0, len0); CC_SHA384_Update(&ctx, data1, len1); - CC_SHA384_Final(reinterpret_cast(digest), &ctx); + CC_SHA384_Final(reinterpret_cast(digest), &ctx); } #endif #ifndef ZT_HAVE_NATIVE_SHA512 -void SHA512(void* digest, const void* data, unsigned int len); -void SHA384(void* digest, const void* data, unsigned int len); -void SHA384(void* digest, const void* data0, unsigned int len0, const void* data1, unsigned int len1); +void SHA512(void *digest, const void *data, unsigned int len); +void SHA384(void *digest, const void *data, unsigned int len); +void SHA384(void *digest, const void *data0, unsigned int len0, const void *data1, unsigned int len1); #endif /** @@ -70,7 +70,7 @@ void SHA384(void* digest, const void* data0, unsigned int len0, const void* data * @param msglen Length of message * @param mac Buffer to fill with result */ -void HMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const void* msg, unsigned int msglen, uint8_t mac[48]); +void HMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const void *msg, unsigned int msglen, uint8_t mac[48]); /** * Compute KBKDF (key-based key derivation function) using HMAC-SHA-384 as a PRF @@ -81,7 +81,9 @@ void HMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], const void* msg, unsig * @param iter Key iteration for generation of multiple keys for the same label/context * @param out Output to receive derived key */ -void KBKDFHMACSHA384(const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], char label, char context, uint32_t iter, uint8_t out[ZT_SYMMETRIC_KEY_SIZE]); +void KBKDFHMACSHA384( + const uint8_t key[ZT_SYMMETRIC_KEY_SIZE], char label, char context, uint32_t iter, + uint8_t out[ZT_SYMMETRIC_KEY_SIZE]); } // namespace ZeroTier diff --git a/core/Salsa20.cpp b/core/Salsa20.cpp index f90b087f5..5190eeea8 100644 --- a/core/Salsa20.cpp +++ b/core/Salsa20.cpp @@ -19,8 +19,9 @@ #if __BYTE_ORDER == __LITTLE_ENDIAN #ifdef ZT_NO_UNALIGNED_ACCESS // Slower version that does not use type punning -#define U8TO32_LITTLE(p) (((uint32_t)(p)[0]) | ((uint32_t)(p)[1] << 8) | ((uint32_t)(p)[2] << 16) | ((uint32_t)(p)[3] << 24)) -static ZT_INLINE void U32TO8_LITTLE(uint8_t* const c, const uint32_t v) +#define U8TO32_LITTLE(p) \ + (((uint32_t)(p)[0]) | ((uint32_t)(p)[1] << 8) | ((uint32_t)(p)[2] << 16) | ((uint32_t)(p)[3] << 24)) +static ZT_INLINE void U32TO8_LITTLE(uint8_t *const c, const uint32_t v) { c[0] = (uint8_t)v; c[1] = (uint8_t)(v >> 8); @@ -29,18 +30,19 @@ static ZT_INLINE void U32TO8_LITTLE(uint8_t* const c, const uint32_t v) } #else // Fast version that just does 32-bit load/store -#define U8TO32_LITTLE(p) (*((const uint32_t*)((const void*)(p)))) -#define U32TO8_LITTLE(c, v) *((uint32_t*)((void*)(c))) = (v) +#define U8TO32_LITTLE(p) (*((const uint32_t *)((const void *)(p)))) +#define U32TO8_LITTLE(c, v) *((uint32_t *)((void *)(c))) = (v) #endif // ZT_NO_UNALIGNED_ACCESS #else // __BYTE_ORDER == __BIG_ENDIAN (we don't support anything else... does MIDDLE_ENDIAN even still exist?) #ifdef __GNUC__ // Use GNUC builtin bswap macros on big-endian machines if available -#define U8TO32_LITTLE(p) __builtin_bswap32(*((const uint32_t*)((const void*)(p)))) -#define U32TO8_LITTLE(c, v) *((uint32_t*)((void*)(c))) = __builtin_bswap32((v)) +#define U8TO32_LITTLE(p) __builtin_bswap32(*((const uint32_t *)((const void *)(p)))) +#define U32TO8_LITTLE(c, v) *((uint32_t *)((void *)(c))) = __builtin_bswap32((v)) #else // no __GNUC__ // Otherwise do it the slow, manual way on BE machines -#define U8TO32_LITTLE(p) (((uint32_t)(p)[0]) | ((uint32_t)(p)[1] << 8) | ((uint32_t)(p)[2] << 16) | ((uint32_t)(p)[3] << 24)) -static ZT_INLINE void U32TO8_LITTLE(uint8_t* const c, const uint32_t v) +#define U8TO32_LITTLE(p) \ + (((uint32_t)(p)[0]) | ((uint32_t)(p)[1] << 8) | ((uint32_t)(p)[2] << 16) | ((uint32_t)(p)[3] << 24)) +static ZT_INLINE void U32TO8_LITTLE(uint8_t *const c, const uint32_t v) { c[0] = (uint8_t)v; c[1] = (uint8_t)(v >> 8); @@ -66,45 +68,45 @@ static const _s20sseconsts s_S20SSECONSTANTS; namespace ZeroTier { -void Salsa20::init(const void* key, const void* iv) noexcept +void Salsa20::init(const void *key, const void *iv) noexcept { #ifdef ZT_SALSA20_SSE - const uint32_t* const k = (const uint32_t*)key; - _state.i[0] = 0x61707865; - _state.i[1] = 0x3320646e; - _state.i[2] = 0x79622d32; - _state.i[3] = 0x6b206574; - _state.i[4] = k[3]; - _state.i[5] = 0; - _state.i[6] = k[7]; - _state.i[7] = k[2]; - _state.i[8] = 0; - _state.i[9] = k[6]; - _state.i[10] = k[1]; - _state.i[11] = ((const uint32_t*)iv)[1]; - _state.i[12] = k[5]; - _state.i[13] = k[0]; - _state.i[14] = ((const uint32_t*)iv)[0]; - _state.i[15] = k[4]; + const uint32_t *const k = (const uint32_t *)key; + _state.i[0] = 0x61707865; + _state.i[1] = 0x3320646e; + _state.i[2] = 0x79622d32; + _state.i[3] = 0x6b206574; + _state.i[4] = k[3]; + _state.i[5] = 0; + _state.i[6] = k[7]; + _state.i[7] = k[2]; + _state.i[8] = 0; + _state.i[9] = k[6]; + _state.i[10] = k[1]; + _state.i[11] = ((const uint32_t *)iv)[1]; + _state.i[12] = k[5]; + _state.i[13] = k[0]; + _state.i[14] = ((const uint32_t *)iv)[0]; + _state.i[15] = k[4]; #else - const char* const constants = "expand 32-byte k"; - const uint8_t* const k = (const uint8_t*)key; - _state.i[0] = U8TO32_LITTLE(constants + 0); - _state.i[1] = U8TO32_LITTLE(k + 0); - _state.i[2] = U8TO32_LITTLE(k + 4); - _state.i[3] = U8TO32_LITTLE(k + 8); - _state.i[4] = U8TO32_LITTLE(k + 12); - _state.i[5] = U8TO32_LITTLE(constants + 4); - _state.i[6] = U8TO32_LITTLE(((const uint8_t*)iv) + 0); - _state.i[7] = U8TO32_LITTLE(((const uint8_t*)iv) + 4); - _state.i[8] = 0; - _state.i[9] = 0; - _state.i[10] = U8TO32_LITTLE(constants + 8); - _state.i[11] = U8TO32_LITTLE(k + 16); - _state.i[12] = U8TO32_LITTLE(k + 20); - _state.i[13] = U8TO32_LITTLE(k + 24); - _state.i[14] = U8TO32_LITTLE(k + 28); - _state.i[15] = U8TO32_LITTLE(constants + 12); + const char *const constants = "expand 32-byte k"; + const uint8_t *const k = (const uint8_t *)key; + _state.i[0] = U8TO32_LITTLE(constants + 0); + _state.i[1] = U8TO32_LITTLE(k + 0); + _state.i[2] = U8TO32_LITTLE(k + 4); + _state.i[3] = U8TO32_LITTLE(k + 8); + _state.i[4] = U8TO32_LITTLE(k + 12); + _state.i[5] = U8TO32_LITTLE(constants + 4); + _state.i[6] = U8TO32_LITTLE(((const uint8_t *)iv) + 0); + _state.i[7] = U8TO32_LITTLE(((const uint8_t *)iv) + 4); + _state.i[8] = 0; + _state.i[9] = 0; + _state.i[10] = U8TO32_LITTLE(constants + 8); + _state.i[11] = U8TO32_LITTLE(k + 16); + _state.i[12] = U8TO32_LITTLE(k + 20); + _state.i[13] = U8TO32_LITTLE(k + 24); + _state.i[14] = U8TO32_LITTLE(k + 28); + _state.i[15] = U8TO32_LITTLE(constants + 12); #endif } @@ -115,35 +117,36 @@ union p_SalsaState { uint32_t i[16]; }; -template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const state, const uint8_t* m, uint8_t* c, unsigned int bytes) noexcept +template +static ZT_INLINE void p_salsaCrypt(p_SalsaState *const state, const uint8_t *m, uint8_t *c, unsigned int bytes) noexcept { if (unlikely(bytes == 0)) return; uint8_t tmp[64]; - uint8_t* ctarget = c; + uint8_t *ctarget = c; #ifdef ZT_SALSA20_SSE - __m128i X0 = state->v[0]; - __m128i X1 = state->v[1]; - __m128i X2 = state->v[2]; - __m128i X3 = state->v[3]; + __m128i X0 = state->v[0]; + __m128i X1 = state->v[1]; + __m128i X2 = state->v[2]; + __m128i X3 = state->v[3]; const __m128i maskLo32 = s_S20SSECONSTANTS.maskLo32; const __m128i maskHi32 = s_S20SSECONSTANTS.maskHi32; - const __m128i add1 = _mm_set_epi32(0, 0, 0, 1); + const __m128i add1 = _mm_set_epi32(0, 0, 0, 1); #else uint32_t x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15; uint32_t j0, j1, j2, j3, j4, j5, j6, j7, j8, j9, j10, j11, j12, j13, j14, j15; - j0 = state->i[0]; - j1 = state->i[1]; - j2 = state->i[2]; - j3 = state->i[3]; - j4 = state->i[4]; - j5 = state->i[5]; - j6 = state->i[6]; - j7 = state->i[7]; - j8 = state->i[8]; - j9 = state->i[9]; + j0 = state->i[0]; + j1 = state->i[1]; + j2 = state->i[2]; + j3 = state->i[3]; + j4 = state->i[4]; + j5 = state->i[5]; + j6 = state->i[6]; + j7 = state->i[7]; + j8 = state->i[8]; + j9 = state->i[9]; j10 = state->i[10]; j11 = state->i[11]; j12 = state->i[12]; @@ -156,9 +159,9 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const if (unlikely(bytes < 64)) { for (unsigned int i = 0; i < bytes; ++i) tmp[i] = m[i]; - m = tmp; + m = tmp; ctarget = c; - c = tmp; + c = tmp; } #ifdef ZT_SALSA20_SSE @@ -169,24 +172,24 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const __m128i T; for (unsigned int rr = 0; rr < (R / 2); ++rr) { - T = _mm_add_epi32(X0, X3); + T = _mm_add_epi32(X0, X3); X1 = _mm_xor_si128(_mm_xor_si128(X1, _mm_slli_epi32(T, 7)), _mm_srli_epi32(T, 25)); - T = _mm_add_epi32(X1, X0); + T = _mm_add_epi32(X1, X0); X2 = _mm_xor_si128(_mm_xor_si128(X2, _mm_slli_epi32(T, 9)), _mm_srli_epi32(T, 23)); - T = _mm_add_epi32(X2, X1); + T = _mm_add_epi32(X2, X1); X3 = _mm_xor_si128(_mm_xor_si128(X3, _mm_slli_epi32(T, 13)), _mm_srli_epi32(T, 19)); - T = _mm_add_epi32(X3, X2); + T = _mm_add_epi32(X3, X2); X0 = _mm_xor_si128(_mm_xor_si128(X0, _mm_slli_epi32(T, 18)), _mm_srli_epi32(T, 14)); X1 = _mm_shuffle_epi32(X1, 0x93); X2 = _mm_shuffle_epi32(X2, 0x4E); X3 = _mm_shuffle_epi32(X3, 0x39); - T = _mm_add_epi32(X0, X1); + T = _mm_add_epi32(X0, X1); X3 = _mm_xor_si128(_mm_xor_si128(X3, _mm_slli_epi32(T, 7)), _mm_srli_epi32(T, 25)); - T = _mm_add_epi32(X3, X0); + T = _mm_add_epi32(X3, X0); X2 = _mm_xor_si128(_mm_xor_si128(X2, _mm_slli_epi32(T, 9)), _mm_srli_epi32(T, 23)); - T = _mm_add_epi32(X2, X3); + T = _mm_add_epi32(X2, X3); X1 = _mm_xor_si128(_mm_xor_si128(X1, _mm_slli_epi32(T, 13)), _mm_srli_epi32(T, 19)); - T = _mm_add_epi32(X1, X2); + T = _mm_add_epi32(X1, X2); X0 = _mm_xor_si128(_mm_xor_si128(X0, _mm_slli_epi32(T, 18)), _mm_srli_epi32(T, 14)); X1 = _mm_shuffle_epi32(X1, 0x39); X2 = _mm_shuffle_epi32(X2, 0x4E); @@ -202,13 +205,21 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const __m128i k20 = _mm_or_si128(_mm_and_si128(X2, maskLo32), _mm_and_si128(X1, maskHi32)); __m128i k13 = _mm_or_si128(_mm_slli_epi64(X1, 32), _mm_srli_epi64(X0, 32)); __m128i k31 = _mm_or_si128(_mm_and_si128(X3, maskLo32), _mm_and_si128(X2, maskHi32)); - k02 = _mm_shuffle_epi32(k02, _MM_SHUFFLE(0, 1, 2, 3)); - k13 = _mm_shuffle_epi32(k13, _MM_SHUFFLE(0, 1, 2, 3)); + k02 = _mm_shuffle_epi32(k02, _MM_SHUFFLE(0, 1, 2, 3)); + k13 = _mm_shuffle_epi32(k13, _MM_SHUFFLE(0, 1, 2, 3)); - _mm_storeu_si128(reinterpret_cast<__m128i*>(c), _mm_xor_si128(_mm_unpackhi_epi64(k02, k20), _mm_loadu_si128(reinterpret_cast(m)))); - _mm_storeu_si128(reinterpret_cast<__m128i*>(c) + 1, _mm_xor_si128(_mm_unpackhi_epi64(k13, k31), _mm_loadu_si128(reinterpret_cast(m) + 1))); - _mm_storeu_si128(reinterpret_cast<__m128i*>(c) + 2, _mm_xor_si128(_mm_unpacklo_epi64(k20, k02), _mm_loadu_si128(reinterpret_cast(m) + 2))); - _mm_storeu_si128(reinterpret_cast<__m128i*>(c) + 3, _mm_xor_si128(_mm_unpacklo_epi64(k31, k13), _mm_loadu_si128(reinterpret_cast(m) + 3))); + _mm_storeu_si128( + reinterpret_cast<__m128i *>(c), + _mm_xor_si128(_mm_unpackhi_epi64(k02, k20), _mm_loadu_si128(reinterpret_cast(m)))); + _mm_storeu_si128( + reinterpret_cast<__m128i *>(c) + 1, + _mm_xor_si128(_mm_unpackhi_epi64(k13, k31), _mm_loadu_si128(reinterpret_cast(m) + 1))); + _mm_storeu_si128( + reinterpret_cast<__m128i *>(c) + 2, + _mm_xor_si128(_mm_unpacklo_epi64(k20, k02), _mm_loadu_si128(reinterpret_cast(m) + 2))); + _mm_storeu_si128( + reinterpret_cast<__m128i *>(c) + 3, + _mm_xor_si128(_mm_unpacklo_epi64(k31, k13), _mm_loadu_si128(reinterpret_cast(m) + 3))); X0 = X0s; X1 = X1s; @@ -217,16 +228,16 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const #else - x0 = j0; - x1 = j1; - x2 = j2; - x3 = j3; - x4 = j4; - x5 = j5; - x6 = j6; - x7 = j7; - x8 = j8; - x9 = j9; + x0 = j0; + x1 = j1; + x2 = j2; + x3 = j3; + x4 = j4; + x5 = j5; + x6 = j6; + x7 = j7; + x8 = j8; + x9 = j9; x10 = j10; x11 = j11; x12 = j12; @@ -235,33 +246,33 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const x15 = j15; for (unsigned int rr = 0; rr < (R / 2); ++rr) { - x4 = XOR(x4, ROTATE(PLUS(x0, x12), 7)); - x8 = XOR(x8, ROTATE(PLUS(x4, x0), 9)); + x4 = XOR(x4, ROTATE(PLUS(x0, x12), 7)); + x8 = XOR(x8, ROTATE(PLUS(x4, x0), 9)); x12 = XOR(x12, ROTATE(PLUS(x8, x4), 13)); - x0 = XOR(x0, ROTATE(PLUS(x12, x8), 18)); - x9 = XOR(x9, ROTATE(PLUS(x5, x1), 7)); + x0 = XOR(x0, ROTATE(PLUS(x12, x8), 18)); + x9 = XOR(x9, ROTATE(PLUS(x5, x1), 7)); x13 = XOR(x13, ROTATE(PLUS(x9, x5), 9)); - x1 = XOR(x1, ROTATE(PLUS(x13, x9), 13)); - x5 = XOR(x5, ROTATE(PLUS(x1, x13), 18)); + x1 = XOR(x1, ROTATE(PLUS(x13, x9), 13)); + x5 = XOR(x5, ROTATE(PLUS(x1, x13), 18)); x14 = XOR(x14, ROTATE(PLUS(x10, x6), 7)); - x2 = XOR(x2, ROTATE(PLUS(x14, x10), 9)); - x6 = XOR(x6, ROTATE(PLUS(x2, x14), 13)); + x2 = XOR(x2, ROTATE(PLUS(x14, x10), 9)); + x6 = XOR(x6, ROTATE(PLUS(x2, x14), 13)); x10 = XOR(x10, ROTATE(PLUS(x6, x2), 18)); - x3 = XOR(x3, ROTATE(PLUS(x15, x11), 7)); - x7 = XOR(x7, ROTATE(PLUS(x3, x15), 9)); + x3 = XOR(x3, ROTATE(PLUS(x15, x11), 7)); + x7 = XOR(x7, ROTATE(PLUS(x3, x15), 9)); x11 = XOR(x11, ROTATE(PLUS(x7, x3), 13)); x15 = XOR(x15, ROTATE(PLUS(x11, x7), 18)); - x1 = XOR(x1, ROTATE(PLUS(x0, x3), 7)); - x2 = XOR(x2, ROTATE(PLUS(x1, x0), 9)); - x3 = XOR(x3, ROTATE(PLUS(x2, x1), 13)); - x0 = XOR(x0, ROTATE(PLUS(x3, x2), 18)); - x6 = XOR(x6, ROTATE(PLUS(x5, x4), 7)); - x7 = XOR(x7, ROTATE(PLUS(x6, x5), 9)); - x4 = XOR(x4, ROTATE(PLUS(x7, x6), 13)); - x5 = XOR(x5, ROTATE(PLUS(x4, x7), 18)); + x1 = XOR(x1, ROTATE(PLUS(x0, x3), 7)); + x2 = XOR(x2, ROTATE(PLUS(x1, x0), 9)); + x3 = XOR(x3, ROTATE(PLUS(x2, x1), 13)); + x0 = XOR(x0, ROTATE(PLUS(x3, x2), 18)); + x6 = XOR(x6, ROTATE(PLUS(x5, x4), 7)); + x7 = XOR(x7, ROTATE(PLUS(x6, x5), 9)); + x4 = XOR(x4, ROTATE(PLUS(x7, x6), 13)); + x5 = XOR(x5, ROTATE(PLUS(x4, x7), 18)); x11 = XOR(x11, ROTATE(PLUS(x10, x9), 7)); - x8 = XOR(x8, ROTATE(PLUS(x11, x10), 9)); - x9 = XOR(x9, ROTATE(PLUS(x8, x11), 13)); + x8 = XOR(x8, ROTATE(PLUS(x11, x10), 9)); + x9 = XOR(x9, ROTATE(PLUS(x8, x11), 13)); x10 = XOR(x10, ROTATE(PLUS(x9, x8), 18)); x12 = XOR(x12, ROTATE(PLUS(x15, x14), 7)); x13 = XOR(x13, ROTATE(PLUS(x12, x15), 9)); @@ -269,16 +280,16 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const x15 = XOR(x15, ROTATE(PLUS(x14, x13), 18)); } - x0 = PLUS(x0, j0); - x1 = PLUS(x1, j1); - x2 = PLUS(x2, j2); - x3 = PLUS(x3, j3); - x4 = PLUS(x4, j4); - x5 = PLUS(x5, j5); - x6 = PLUS(x6, j6); - x7 = PLUS(x7, j7); - x8 = PLUS(x8, j8); - x9 = PLUS(x9, j9); + x0 = PLUS(x0, j0); + x1 = PLUS(x1, j1); + x2 = PLUS(x2, j2); + x3 = PLUS(x3, j3); + x4 = PLUS(x4, j4); + x5 = PLUS(x5, j5); + x6 = PLUS(x6, j6); + x7 = PLUS(x7, j7); + x8 = PLUS(x8, j8); + x9 = PLUS(x9, j9); x10 = PLUS(x10, j10); x11 = PLUS(x11, j11); x12 = PLUS(x12, j12); @@ -327,14 +338,18 @@ template static ZT_INLINE void p_salsaCrypt(p_SalsaState* const } } -void Salsa20::crypt12(const void* in, void* out, unsigned int bytes) noexcept +void Salsa20::crypt12(const void *in, void *out, unsigned int bytes) noexcept { - p_salsaCrypt<12>(reinterpret_cast(&_state), reinterpret_cast(in), reinterpret_cast(out), bytes); + p_salsaCrypt<12>( + reinterpret_cast(&_state), reinterpret_cast(in), + reinterpret_cast(out), bytes); } -void Salsa20::crypt20(const void* in, void* out, unsigned int bytes) noexcept +void Salsa20::crypt20(const void *in, void *out, unsigned int bytes) noexcept { - p_salsaCrypt<20>(reinterpret_cast(&_state), reinterpret_cast(in), reinterpret_cast(out), bytes); + p_salsaCrypt<20>( + reinterpret_cast(&_state), reinterpret_cast(in), + reinterpret_cast(out), bytes); } } // namespace ZeroTier diff --git a/core/Salsa20.hpp b/core/Salsa20.hpp index 846a56d46..5e6e006ff 100644 --- a/core/Salsa20.hpp +++ b/core/Salsa20.hpp @@ -39,35 +39,21 @@ class Salsa20 : public TriviallyCopyable { public: #ifdef ZT_SALSA20_SSE - static constexpr bool accelerated() noexcept - { - return true; - } + static constexpr bool accelerated() noexcept { return true; } #else - static constexpr bool accelerated() noexcept - { - return false; - } + static constexpr bool accelerated() noexcept { return false; } #endif - ZT_INLINE Salsa20() noexcept - { - } + ZT_INLINE Salsa20() noexcept {} - ZT_INLINE ~Salsa20() noexcept - { - Utils::burn(&_state, sizeof(_state)); - } + ZT_INLINE ~Salsa20() noexcept { Utils::burn(&_state, sizeof(_state)); } /** * @param key 256-bit (32 byte) key * @param iv 64-bit initialization vector */ - ZT_INLINE Salsa20(const void* key, const void* iv) noexcept - { - init(key, iv); - } + ZT_INLINE Salsa20(const void *key, const void *iv) noexcept { init(key, iv); } /** * Initialize cipher @@ -75,7 +61,7 @@ class Salsa20 : public TriviallyCopyable { * @param key Key bits * @param iv 64-bit initialization vector */ - void init(const void* key, const void* iv) noexcept; + void init(const void *key, const void *iv) noexcept; /** * Encrypt/decrypt data using Salsa20/12 @@ -84,7 +70,7 @@ class Salsa20 : public TriviallyCopyable { * @param out Output buffer * @param bytes Length of data */ - void crypt12(const void* in, void* out, unsigned int bytes) noexcept; + void crypt12(const void *in, void *out, unsigned int bytes) noexcept; /** * Encrypt/decrypt data using Salsa20/20 @@ -93,7 +79,7 @@ class Salsa20 : public TriviallyCopyable { * @param out Output buffer * @param bytes Length of data */ - void crypt20(const void* in, void* out, unsigned int bytes) noexcept; + void crypt20(const void *in, void *out, unsigned int bytes) noexcept; private: union { diff --git a/core/ScopedPtr.hpp b/core/ScopedPtr.hpp index c79690890..a36ed31d0 100644 --- a/core/ScopedPtr.hpp +++ b/core/ScopedPtr.hpp @@ -26,86 +26,47 @@ namespace ZeroTier { */ template class ScopedPtr : public TriviallyCopyable { public: - explicit ZT_INLINE ScopedPtr(T* const p) noexcept : m_ptr(p) + explicit ZT_INLINE ScopedPtr(T *const p) noexcept : m_ptr(p) {} + + ZT_INLINE ~ScopedPtr() { delete m_ptr; } + + ZT_INLINE T *operator->() const noexcept { return m_ptr; } + + ZT_INLINE T &operator*() const noexcept { return *m_ptr; } + + ZT_INLINE T *ptr() const noexcept { return m_ptr; } + + ZT_INLINE void swap(const ScopedPtr &p) noexcept { + T *const tmp = m_ptr; + m_ptr = p.m_ptr; + p.m_ptr = tmp; } - ZT_INLINE ~ScopedPtr() - { - delete m_ptr; - } + explicit ZT_INLINE operator bool() const noexcept { return (m_ptr != (T *)0); } - ZT_INLINE T* operator->() const noexcept - { - return m_ptr; - } + ZT_INLINE bool operator==(const ScopedPtr &p) const noexcept { return (m_ptr == p.m_ptr); } - ZT_INLINE T& operator*() const noexcept - { - return *m_ptr; - } + ZT_INLINE bool operator!=(const ScopedPtr &p) const noexcept { return (m_ptr != p.m_ptr); } - ZT_INLINE T* ptr() const noexcept - { - return m_ptr; - } + ZT_INLINE bool operator==(T *const p) const noexcept { return (m_ptr == p); } - ZT_INLINE void swap(const ScopedPtr& p) noexcept - { - T* const tmp = m_ptr; - m_ptr = p.m_ptr; - p.m_ptr = tmp; - } - - explicit ZT_INLINE operator bool() const noexcept - { - return (m_ptr != (T*)0); - } - - ZT_INLINE bool operator==(const ScopedPtr& p) const noexcept - { - return (m_ptr == p.m_ptr); - } - - ZT_INLINE bool operator!=(const ScopedPtr& p) const noexcept - { - return (m_ptr != p.m_ptr); - } - - ZT_INLINE bool operator==(T* const p) const noexcept - { - return (m_ptr == p); - } - - ZT_INLINE bool operator!=(T* const p) const noexcept - { - return (m_ptr != p); - } + ZT_INLINE bool operator!=(T *const p) const noexcept { return (m_ptr != p); } private: - ZT_INLINE ScopedPtr() noexcept - { - } + ZT_INLINE ScopedPtr() noexcept {} - ZT_INLINE ScopedPtr(const ScopedPtr& p) noexcept : m_ptr(nullptr) - { - } + ZT_INLINE ScopedPtr(const ScopedPtr &p) noexcept : m_ptr(nullptr) {} - ZT_INLINE ScopedPtr& operator=(const ScopedPtr& p) noexcept - { - return *this; - } + ZT_INLINE ScopedPtr &operator=(const ScopedPtr &p) noexcept { return *this; } - T* const m_ptr; + T *const m_ptr; }; } // namespace ZeroTier namespace std { -template ZT_INLINE void swap(ZeroTier::ScopedPtr& a, ZeroTier::ScopedPtr& b) noexcept -{ - a.swap(b); -} +template ZT_INLINE void swap(ZeroTier::ScopedPtr &a, ZeroTier::ScopedPtr &b) noexcept { a.swap(b); } } // namespace std #endif diff --git a/core/SelfAwareness.cpp b/core/SelfAwareness.cpp index bb342bb92..bd7e1967f 100644 --- a/core/SelfAwareness.cpp +++ b/core/SelfAwareness.cpp @@ -25,25 +25,28 @@ namespace ZeroTier { -SelfAwareness::SelfAwareness(const Context& ctx) : m_ctx(ctx) -{ -} +SelfAwareness::SelfAwareness(const Context &ctx) : m_ctx(ctx) {} -void SelfAwareness::iam(const CallContext& cc, const Identity& reporter, const int64_t receivedOnLocalSocket, const InetAddress& reporterPhysicalAddress, const InetAddress& myPhysicalAddress, bool trusted) +void SelfAwareness::iam( + const CallContext &cc, const Identity &reporter, const int64_t receivedOnLocalSocket, + const InetAddress &reporterPhysicalAddress, const InetAddress &myPhysicalAddress, bool trusted) { const InetAddress::IpScope scope = myPhysicalAddress.ipScope(); - if ((scope != reporterPhysicalAddress.ipScope()) || (scope == ZT_IP_SCOPE_NONE) || (scope == ZT_IP_SCOPE_LOOPBACK) || (scope == ZT_IP_SCOPE_MULTICAST)) + if ((scope != reporterPhysicalAddress.ipScope()) || (scope == ZT_IP_SCOPE_NONE) || (scope == ZT_IP_SCOPE_LOOPBACK) + || (scope == ZT_IP_SCOPE_MULTICAST)) return; Mutex::Lock l(m_phy_l); - p_PhySurfaceEntry& entry = m_phy[p_PhySurfaceKey(reporter.address(), receivedOnLocalSocket, reporterPhysicalAddress, scope)]; + p_PhySurfaceEntry &entry = + m_phy[p_PhySurfaceKey(reporter.address(), receivedOnLocalSocket, reporterPhysicalAddress, scope)]; - if ((trusted) && ((cc.ticks - entry.timestampTicks) < ZT_SELFAWARENESS_ENTRY_TIMEOUT) && (! entry.mySurface.ipsEqual(myPhysicalAddress))) { + if ((trusted) && ((cc.ticks - entry.timestampTicks) < ZT_SELFAWARENESS_ENTRY_TIMEOUT) + && (!entry.mySurface.ipsEqual(myPhysicalAddress))) { // Changes to external surface reported by trusted peers causes path reset in this scope - entry.mySurface = myPhysicalAddress; + entry.mySurface = myPhysicalAddress; entry.timestampTicks = cc.ticks; - entry.trusted = trusted; + entry.trusted = trusted; // Erase all entries in this scope that were not reported from this remote address to prevent 'thrashing' // due to multiple reports of endpoint change. @@ -56,22 +59,23 @@ void SelfAwareness::iam(const CallContext& cc, const Identity& reporter, const i } // Reset all paths within this scope and address family - Vector > peers, rootPeers; + Vector> peers, rootPeers; m_ctx.topology->allPeers(peers, rootPeers); - for (Vector >::const_iterator p(peers.begin()); p != peers.end(); ++p) + for (Vector>::const_iterator p(peers.begin()); p != peers.end(); ++p) (*p)->resetWithinScope(m_ctx, cc, (InetAddress::IpScope)scope, myPhysicalAddress.as.sa.sa_family); - m_ctx.t->resettingPathsInScope(cc, 0x9afff100, reporter, reporterPhysicalAddress, entry.mySurface, myPhysicalAddress, scope); + m_ctx.t->resettingPathsInScope( + cc, 0x9afff100, reporter, reporterPhysicalAddress, entry.mySurface, myPhysicalAddress, scope); } else { // Otherwise just update DB to use to determine external surface info - entry.mySurface = myPhysicalAddress; + entry.mySurface = myPhysicalAddress; entry.timestampTicks = cc.ticks; - entry.trusted = trusted; + entry.trusted = trusted; } } -void SelfAwareness::clean(const CallContext& cc) +void SelfAwareness::clean(const CallContext &cc) { Mutex::Lock l(m_phy_l); for (Map::iterator i(m_phy.begin()); i != m_phy.end();) { @@ -82,7 +86,7 @@ void SelfAwareness::clean(const CallContext& cc) } } -MultiMap SelfAwareness::externalAddresses(CallContext& cc) const +MultiMap SelfAwareness::externalAddresses(CallContext &cc) const { MultiMap r; diff --git a/core/SelfAwareness.hpp b/core/SelfAwareness.hpp index 1fea7b9c5..82caa0ae5 100644 --- a/core/SelfAwareness.hpp +++ b/core/SelfAwareness.hpp @@ -33,7 +33,7 @@ class Context; */ class SelfAwareness { public: - explicit SelfAwareness(const Context& ctx); + explicit SelfAwareness(const Context &ctx); /** * Called when a remote peer informs us of our external network address @@ -44,19 +44,21 @@ class SelfAwareness { * @param myPhysicalAddress Physical address that peer says we have * @param trusted True if this peer is trusted as an authority to inform us of external address changes */ - void iam(const CallContext& cc, const Identity& reporter, int64_t receivedOnLocalSocket, const InetAddress& reporterPhysicalAddress, const InetAddress& myPhysicalAddress, bool trusted); + void + iam(const CallContext &cc, const Identity &reporter, int64_t receivedOnLocalSocket, + const InetAddress &reporterPhysicalAddress, const InetAddress &myPhysicalAddress, bool trusted); /** * Clean up database periodically */ - void clean(const CallContext& cc); + void clean(const CallContext &cc); /** * Get external address consensus, which is the statistical "mode" of external addresses. * * @return Map of count to IP/port representing how many endpoints reported each address */ - MultiMap externalAddresses(CallContext& cc) const; + MultiMap externalAddresses(CallContext &cc) const; private: struct p_PhySurfaceKey { @@ -65,12 +67,10 @@ class SelfAwareness { InetAddress reporterPhysicalAddress; InetAddress::IpScope scope; - ZT_INLINE p_PhySurfaceKey() noexcept - { - } + ZT_INLINE p_PhySurfaceKey() noexcept {} ZT_INLINE - p_PhySurfaceKey(const Address& r, const int64_t rol, const InetAddress& ra, InetAddress::IpScope s) noexcept + p_PhySurfaceKey(const Address &r, const int64_t rol, const InetAddress &ra, InetAddress::IpScope s) noexcept : reporter(r) , receivedOnLocalSocket(rol) , reporterPhysicalAddress(ra) @@ -83,17 +83,16 @@ class SelfAwareness { return ((unsigned long)reporter.toInt() + (unsigned long)receivedOnLocalSocket + (unsigned long)scope); } - ZT_INLINE bool operator==(const p_PhySurfaceKey& k) const noexcept + ZT_INLINE bool operator==(const p_PhySurfaceKey &k) const noexcept { - return ((reporter == k.reporter) && (receivedOnLocalSocket == k.receivedOnLocalSocket) && (reporterPhysicalAddress == k.reporterPhysicalAddress) && (scope == k.scope)); + return ( + (reporter == k.reporter) && (receivedOnLocalSocket == k.receivedOnLocalSocket) + && (reporterPhysicalAddress == k.reporterPhysicalAddress) && (scope == k.scope)); } - ZT_INLINE bool operator!=(const p_PhySurfaceKey& k) const noexcept - { - return (! (*this == k)); - } + ZT_INLINE bool operator!=(const p_PhySurfaceKey &k) const noexcept { return (!(*this == k)); } - ZT_INLINE bool operator<(const p_PhySurfaceKey& k) const noexcept + ZT_INLINE bool operator<(const p_PhySurfaceKey &k) const noexcept { if (reporter < k.reporter) { return true; @@ -120,14 +119,9 @@ class SelfAwareness { int64_t timestampTicks; bool trusted; - ZT_INLINE p_PhySurfaceEntry() noexcept - : mySurface() - , timestampTicks(0) - , trusted(false) - { - } + ZT_INLINE p_PhySurfaceEntry() noexcept : mySurface(), timestampTicks(0), trusted(false) {} - ZT_INLINE p_PhySurfaceEntry(const InetAddress& a, const int64_t t) noexcept + ZT_INLINE p_PhySurfaceEntry(const InetAddress &a, const int64_t t) noexcept : mySurface(a) , timestampTicks(t) , trusted(false) @@ -135,7 +129,7 @@ class SelfAwareness { } }; - const Context& m_ctx; + const Context &m_ctx; Map m_phy; Mutex m_phy_l; }; diff --git a/core/SharedPtr.hpp b/core/SharedPtr.hpp index e53a4c084..bb6dd54d2 100644 --- a/core/SharedPtr.hpp +++ b/core/SharedPtr.hpp @@ -27,40 +27,33 @@ namespace ZeroTier { */ template class SharedPtr : public TriviallyCopyable { public: - ZT_INLINE SharedPtr() noexcept : m_ptr(nullptr) - { - } + ZT_INLINE SharedPtr() noexcept : m_ptr(nullptr) {} - explicit ZT_INLINE SharedPtr(T* obj) noexcept : m_ptr(obj) + explicit ZT_INLINE SharedPtr(T *obj) noexcept : m_ptr(obj) { if (likely(obj != nullptr)) - const_cast*>(&(obj->__refCount))->fetch_add(1, std::memory_order_acquire); + const_cast *>(&(obj->__refCount))->fetch_add(1, std::memory_order_acquire); } - ZT_INLINE SharedPtr(const SharedPtr& sp) noexcept : m_ptr(sp.m_acquire()) - { - } + ZT_INLINE SharedPtr(const SharedPtr &sp) noexcept : m_ptr(sp.m_acquire()) {} - ZT_INLINE ~SharedPtr() - { - m_release(); - } + ZT_INLINE ~SharedPtr() { m_release(); } - ZT_INLINE SharedPtr& operator=(const SharedPtr& sp) + ZT_INLINE SharedPtr &operator=(const SharedPtr &sp) { if (likely(m_ptr != sp.m_ptr)) { - T* const p = sp.m_acquire(); + T *const p = sp.m_acquire(); m_release(); m_ptr = p; } return *this; } - ZT_INLINE void set(T* ptr) noexcept + ZT_INLINE void set(T *ptr) noexcept { m_release(); m_ptr = ptr; - const_cast*>(&(ptr->__refCount))->fetch_add(1, std::memory_order_acquire); + const_cast *>(&(ptr->__refCount))->fetch_add(1, std::memory_order_acquire); } /** @@ -71,11 +64,11 @@ template class SharedPtr : public TriviallyCopyable { * * @param with Pointer to swap with */ - ZT_INLINE void swap(SharedPtr& with) noexcept + ZT_INLINE void swap(SharedPtr &with) noexcept { - T* const tmp = m_ptr; - m_ptr = with.m_ptr; - with.m_ptr = tmp; + T *const tmp = m_ptr; + m_ptr = with.m_ptr; + with.m_ptr = tmp; } /** @@ -87,35 +80,23 @@ template class SharedPtr : public TriviallyCopyable { * * @param from Source pointer; will be changed to NULL */ - ZT_INLINE void move(SharedPtr& from) + ZT_INLINE void move(SharedPtr &from) { m_release(); - m_ptr = from.m_ptr; + m_ptr = from.m_ptr; from.m_ptr = nullptr; } - ZT_INLINE operator bool() const noexcept - { - return (m_ptr != nullptr); - } + ZT_INLINE operator bool() const noexcept { return (m_ptr != nullptr); } - ZT_INLINE T& operator*() const noexcept - { - return *m_ptr; - } + ZT_INLINE T &operator*() const noexcept { return *m_ptr; } - ZT_INLINE T* operator->() const noexcept - { - return m_ptr; - } + ZT_INLINE T *operator->() const noexcept { return m_ptr; } /** * @return Raw pointer to held object */ - ZT_INLINE T* ptr() const noexcept - { - return m_ptr; - } + ZT_INLINE T *ptr() const noexcept { return m_ptr; } /** * Set this pointer to NULL @@ -136,13 +117,13 @@ template class SharedPtr : public TriviallyCopyable { * * @return Pointer or NULL if more than one reference */ - ZT_INLINE T* weakGC() + ZT_INLINE T *weakGC() { if (likely(m_ptr != nullptr)) { int one = 1; - if (const_cast*>(&(m_ptr->__refCount))->compare_exchange_strong(one, (int)0)) { - T* const ptr = m_ptr; - m_ptr = nullptr; + if (const_cast *>(&(m_ptr->__refCount))->compare_exchange_strong(one, (int)0)) { + T *const ptr = m_ptr; + m_ptr = nullptr; return ptr; } else { @@ -159,53 +140,48 @@ template class SharedPtr : public TriviallyCopyable { return (unsigned long)((uintptr_t)m_ptr + (uintptr_t)Utils::hash32((uint32_t)m_ptr)); } - ZT_INLINE bool operator==(const SharedPtr& sp) const noexcept + ZT_INLINE bool operator==(const SharedPtr &sp) const noexcept { return (m_ptr == sp.m_ptr); } + + ZT_INLINE bool operator!=(const SharedPtr &sp) const noexcept { return (m_ptr != sp.m_ptr); } + + ZT_INLINE bool operator>(const SharedPtr &sp) const noexcept { - return (m_ptr == sp.m_ptr); + return (reinterpret_cast(m_ptr) > reinterpret_cast(sp.m_ptr)); } - ZT_INLINE bool operator!=(const SharedPtr& sp) const noexcept + ZT_INLINE bool operator<(const SharedPtr &sp) const noexcept { - return (m_ptr != sp.m_ptr); + return (reinterpret_cast(m_ptr) < reinterpret_cast(sp.m_ptr)); } - ZT_INLINE bool operator>(const SharedPtr& sp) const noexcept + ZT_INLINE bool operator>=(const SharedPtr &sp) const noexcept { - return (reinterpret_cast(m_ptr) > reinterpret_cast(sp.m_ptr)); + return (reinterpret_cast(m_ptr) >= reinterpret_cast(sp.m_ptr)); } - ZT_INLINE bool operator<(const SharedPtr& sp) const noexcept + ZT_INLINE bool operator<=(const SharedPtr &sp) const noexcept { - return (reinterpret_cast(m_ptr) < reinterpret_cast(sp.m_ptr)); - } - - ZT_INLINE bool operator>=(const SharedPtr& sp) const noexcept - { - return (reinterpret_cast(m_ptr) >= reinterpret_cast(sp.m_ptr)); - } - - ZT_INLINE bool operator<=(const SharedPtr& sp) const noexcept - { - return (reinterpret_cast(m_ptr) <= reinterpret_cast(sp.m_ptr)); + return (reinterpret_cast(m_ptr) <= reinterpret_cast(sp.m_ptr)); } private: - ZT_INLINE T* m_acquire() const noexcept + ZT_INLINE T *m_acquire() const noexcept { if (likely(m_ptr != nullptr)) - const_cast*>(&(m_ptr->__refCount))->fetch_add(1, std::memory_order_acquire); + const_cast *>(&(m_ptr->__refCount))->fetch_add(1, std::memory_order_acquire); return m_ptr; } ZT_INLINE void m_release() const noexcept { if (likely(m_ptr != nullptr)) { - if (unlikely(const_cast*>(&(m_ptr->__refCount))->fetch_sub(1, std::memory_order_release) <= 1)) + if (unlikely( + const_cast *>(&(m_ptr->__refCount))->fetch_sub(1, std::memory_order_release) <= 1)) delete m_ptr; } } - T* m_ptr; + T *m_ptr; }; } // namespace ZeroTier @@ -213,12 +189,12 @@ template class SharedPtr : public TriviallyCopyable { // Augment std::swap to speed up some operations with SharedPtr. namespace std { -template ZT_MAYBE_UNUSED ZT_INLINE void swap(ZeroTier::SharedPtr& a, ZeroTier::SharedPtr& b) noexcept +template ZT_MAYBE_UNUSED ZT_INLINE void swap(ZeroTier::SharedPtr &a, ZeroTier::SharedPtr &b) noexcept { a.swap(b); } -template ZT_MAYBE_UNUSED ZT_INLINE void move(ZeroTier::SharedPtr& a, ZeroTier::SharedPtr& b) noexcept +template ZT_MAYBE_UNUSED ZT_INLINE void move(ZeroTier::SharedPtr &a, ZeroTier::SharedPtr &b) noexcept { a.move(b); } diff --git a/core/Spinlock.hpp b/core/Spinlock.hpp index 10082825c..d8537d720 100644 --- a/core/Spinlock.hpp +++ b/core/Spinlock.hpp @@ -49,9 +49,7 @@ class Spinlock { #endif } - ZT_INLINE Spinlock() noexcept : m_locked(false) - { - } + ZT_INLINE Spinlock() noexcept : m_locked(false) {} ZT_INLINE void lock() noexcept { @@ -62,19 +60,11 @@ class Spinlock { } } - ZT_INLINE void unlock() noexcept - { - m_locked.clear(std::memory_order_release); - } + ZT_INLINE void unlock() noexcept { m_locked.clear(std::memory_order_release); } private: - ZT_INLINE Spinlock(const Spinlock&) noexcept - { - } - ZT_INLINE const Spinlock& operator=(const Spinlock&) noexcept - { - return *this; - } + ZT_INLINE Spinlock(const Spinlock &) noexcept {} + ZT_INLINE const Spinlock &operator=(const Spinlock &) noexcept { return *this; } std::atomic_flag m_locked; }; diff --git a/core/Store.hpp b/core/Store.hpp index bba9578df..28ad18911 100644 --- a/core/Store.hpp +++ b/core/Store.hpp @@ -26,9 +26,7 @@ namespace ZeroTier { */ class Store { public: - ZT_INLINE Store(const Context& ctx) : m_ctx(ctx) - { - } + ZT_INLINE Store(const Context &ctx) : m_ctx(ctx) {} /** * Get a state object @@ -38,14 +36,16 @@ class Store { * @param idSize Size of object ID in qwords * @return Data or empty vector if not found */ - ZT_INLINE Vector get(const CallContext& cc, ZT_StateObjectType type, const uint64_t* const id, unsigned int idSize) const + ZT_INLINE Vector + get(const CallContext &cc, ZT_StateObjectType type, const uint64_t *const id, unsigned int idSize) const { Vector dv; - void* data = nullptr; - void (*freeFunc)(void*) = nullptr; - const int r = m_ctx.cb.stateGetFunction(reinterpret_cast(m_ctx.node), m_ctx.uPtr, cc.tPtr, type, id, idSize, &data, &freeFunc); + void *data = nullptr; + void (*freeFunc)(void *) = nullptr; + const int r = m_ctx.cb.stateGetFunction( + reinterpret_cast(m_ctx.node), m_ctx.uPtr, cc.tPtr, type, id, idSize, &data, &freeFunc); if (r > 0) - dv.assign(reinterpret_cast(data), reinterpret_cast(data) + r); + dv.assign(reinterpret_cast(data), reinterpret_cast(data) + r); if ((data) && (freeFunc)) freeFunc(data); return dv; @@ -60,9 +60,12 @@ class Store { * @param data Data to store * @param len Length of data */ - ZT_INLINE void put(const CallContext& cc, ZT_StateObjectType type, const uint64_t* const id, const unsigned int idSize, const void* const data, const unsigned int len) noexcept + ZT_INLINE void + put(const CallContext &cc, ZT_StateObjectType type, const uint64_t *const id, const unsigned int idSize, + const void *const data, const unsigned int len) noexcept { - m_ctx.cb.statePutFunction(reinterpret_cast(this), m_ctx.uPtr, cc.tPtr, type, id, idSize, data, (int)len); + m_ctx.cb.statePutFunction( + reinterpret_cast(this), m_ctx.uPtr, cc.tPtr, type, id, idSize, data, (int)len); } /** @@ -72,13 +75,15 @@ class Store { * @param id Object ID * @param idSize Size of object ID in qwords */ - ZT_INLINE void erase(const CallContext& cc, ZT_StateObjectType type, const uint64_t* const id, const unsigned int idSize) noexcept + ZT_INLINE void + erase(const CallContext &cc, ZT_StateObjectType type, const uint64_t *const id, const unsigned int idSize) noexcept { - m_ctx.cb.statePutFunction(reinterpret_cast(this), m_ctx.uPtr, cc.tPtr, type, id, idSize, nullptr, -1); + m_ctx.cb.statePutFunction( + reinterpret_cast(this), m_ctx.uPtr, cc.tPtr, type, id, idSize, nullptr, -1); } private: - const Context& m_ctx; + const Context &m_ctx; }; } // namespace ZeroTier diff --git a/core/SymmetricKey.hpp b/core/SymmetricKey.hpp index 36f78795b..5b20771f8 100644 --- a/core/SymmetricKey.hpp +++ b/core/SymmetricKey.hpp @@ -29,9 +29,7 @@ class SymmetricKey { /** * Construct an uninitialized key (init() must be called) */ - ZT_INLINE SymmetricKey() : m_secret(), m_ts(-1), m_initialNonce(0), m_cipher(), m_nonce(0) - { - } + ZT_INLINE SymmetricKey() : m_secret(), m_ts(-1), m_initialNonce(0), m_cipher(), m_nonce(0) {} /** * Construct a new symmetric key @@ -42,7 +40,7 @@ class SymmetricKey { * @param ts Key timestamp * @param key Key (must be 48 bytes / 384 bits) */ - ZT_INLINE SymmetricKey(const int64_t ts, const void* const key) noexcept + ZT_INLINE SymmetricKey(const int64_t ts, const void *const key) noexcept : m_secret(key) , m_ts(ts) , m_initialNonce(Utils::getSecureRandomU64() >> 1U) @@ -51,7 +49,7 @@ class SymmetricKey { { } - ZT_INLINE SymmetricKey(const SymmetricKey& k) noexcept + ZT_INLINE SymmetricKey(const SymmetricKey &k) noexcept : m_secret(k.m_secret) , m_ts(k.m_ts) , m_initialNonce(k.m_initialNonce) @@ -60,15 +58,12 @@ class SymmetricKey { { } - ZT_INLINE ~SymmetricKey() noexcept - { - Utils::burn(m_secret.data, ZT_SYMMETRIC_KEY_SIZE); - } + ZT_INLINE ~SymmetricKey() noexcept { Utils::burn(m_secret.data, ZT_SYMMETRIC_KEY_SIZE); } - ZT_INLINE SymmetricKey& operator=(const SymmetricKey& k) noexcept + ZT_INLINE SymmetricKey &operator=(const SymmetricKey &k) noexcept { - m_secret = k.m_secret; - m_ts = k.m_ts; + m_secret = k.m_secret; + m_ts = k.m_ts; m_initialNonce = k.m_initialNonce; m_cipher.init(k.m_secret.data); m_nonce.store(k.m_nonce.load(std::memory_order_relaxed), std::memory_order_relaxed); @@ -81,10 +76,10 @@ class SymmetricKey { * @param ts Key timestamp * @param key Key (must be 48 bytes / 384 bits) */ - ZT_INLINE void init(const int64_t ts, const void* const key) noexcept + ZT_INLINE void init(const int64_t ts, const void *const key) noexcept { Utils::copy(m_secret.data, key); - m_ts = ts; + m_ts = ts; m_initialNonce = Utils::getSecureRandomU64() >> 1U; m_cipher.init(key); m_nonce.store(m_initialNonce, std::memory_order_relaxed); @@ -110,34 +105,22 @@ class SymmetricKey { * * @return Number of times nextMessage() has been called since object creation */ - ZT_INLINE uint64_t odometer() const noexcept - { - return m_nonce.load(std::memory_order_relaxed) - m_initialNonce; - } + ZT_INLINE uint64_t odometer() const noexcept { return m_nonce.load(std::memory_order_relaxed) - m_initialNonce; } /** * @return Key creation timestamp or -1 if this is a long-lived key */ - ZT_INLINE int64_t timestamp() const noexcept - { - return m_ts; - } + ZT_INLINE int64_t timestamp() const noexcept { return m_ts; } /** * @return 48-byte / 384-bit secret key */ - ZT_INLINE const uint8_t* key() const noexcept - { - return m_secret.data; - } + ZT_INLINE const uint8_t *key() const noexcept { return m_secret.data; } /** * @return AES cipher (already initialized with secret key) */ - ZT_INLINE const AES& aes() const noexcept - { - return m_cipher; - } + ZT_INLINE const AES &aes() const noexcept { return m_cipher; } private: Blob m_secret; diff --git a/core/TagCredential.cpp b/core/TagCredential.cpp index ae898a851..ae8f79f9d 100644 --- a/core/TagCredential.cpp +++ b/core/TagCredential.cpp @@ -15,11 +15,11 @@ namespace ZeroTier { -bool TagCredential::sign(const Identity& signer) noexcept +bool TagCredential::sign(const Identity &signer) noexcept { uint8_t buf[ZT_TAG_MARSHAL_SIZE_MAX]; if (signer.hasPrivate()) { - m_signedBy = signer.address(); + m_signedBy = signer.address(); m_signatureLength = signer.sign(buf, (unsigned int)marshal(buf, true), m_signature, sizeof(m_signature)); return true; } @@ -42,7 +42,7 @@ int TagCredential::marshal(uint8_t data[ZT_TAG_MARSHAL_SIZE_MAX], bool forSign) p += ZT_ADDRESS_LENGTH; m_signedBy.copyTo(data + p); p += ZT_ADDRESS_LENGTH; - if (! forSign) { + if (!forSign) { data[p++] = 1; Utils::storeBigEndian(data + p, (uint16_t)m_signatureLength); p += 2; @@ -58,19 +58,19 @@ int TagCredential::marshal(uint8_t data[ZT_TAG_MARSHAL_SIZE_MAX], bool forSign) return p; } -int TagCredential::unmarshal(const uint8_t* data, int len) noexcept +int TagCredential::unmarshal(const uint8_t *data, int len) noexcept { if (len < 37) return -1; m_networkId = Utils::loadBigEndian(data); - m_ts = (int64_t)Utils::loadBigEndian(data + 8); - m_id = Utils::loadBigEndian(data + 16); - m_value = Utils::loadBigEndian(data + 20); + m_ts = (int64_t)Utils::loadBigEndian(data + 8); + m_id = Utils::loadBigEndian(data + 16); + m_value = Utils::loadBigEndian(data + 20); m_issuedTo.setTo(data + 24); m_signedBy.setTo(data + 29); // 1 byte reserved m_signatureLength = Utils::loadBigEndian(data + 35); - int p = 37 + (int)m_signatureLength; + int p = 37 + (int)m_signatureLength; if ((m_signatureLength > ZT_SIGNATURE_BUFFER_SIZE) || (p > len)) return -1; Utils::copy(m_signature, data + p, m_signatureLength); diff --git a/core/TagCredential.hpp b/core/TagCredential.hpp index fa4db37c2..bc26c07cc 100644 --- a/core/TagCredential.hpp +++ b/core/TagCredential.hpp @@ -47,15 +47,9 @@ class TagCredential : public Credential { friend class Credential; public: - static constexpr ZT_CredentialType credentialType() noexcept - { - return ZT_CREDENTIAL_TYPE_TAG; - } + static constexpr ZT_CredentialType credentialType() noexcept { return ZT_CREDENTIAL_TYPE_TAG; } - ZT_INLINE TagCredential() noexcept - { - memoryZero(this); - } + ZT_INLINE TagCredential() noexcept { memoryZero(this); } /** * @param nwid Network ID @@ -64,7 +58,9 @@ class TagCredential : public Credential { * @param id Tag ID * @param value Tag value */ - ZT_INLINE TagCredential(const uint64_t nwid, const int64_t ts, const Address& issuedTo, const uint32_t id, const uint32_t value) noexcept + ZT_INLINE TagCredential( + const uint64_t nwid, const int64_t ts, const Address &issuedTo, const uint32_t id, + const uint32_t value) noexcept : m_id(id) , m_value(value) , m_networkId(nwid) @@ -75,50 +71,23 @@ class TagCredential : public Credential { { } - ZT_INLINE uint32_t id() const noexcept - { - return m_id; - } + ZT_INLINE uint32_t id() const noexcept { return m_id; } - ZT_INLINE const uint32_t& value() const noexcept - { - return m_value; - } + ZT_INLINE const uint32_t &value() const noexcept { return m_value; } - ZT_INLINE uint64_t networkId() const noexcept - { - return m_networkId; - } + ZT_INLINE uint64_t networkId() const noexcept { return m_networkId; } - ZT_INLINE int64_t timestamp() const noexcept - { - return m_ts; - } + ZT_INLINE int64_t timestamp() const noexcept { return m_ts; } - ZT_INLINE int64_t revision() const noexcept - { - return m_ts; - } + ZT_INLINE int64_t revision() const noexcept { return m_ts; } - ZT_INLINE const Address& issuedTo() const noexcept - { - return m_issuedTo; - } + ZT_INLINE const Address &issuedTo() const noexcept { return m_issuedTo; } - ZT_INLINE const Address& signer() const noexcept - { - return m_signedBy; - } + ZT_INLINE const Address &signer() const noexcept { return m_signedBy; } - ZT_INLINE const uint8_t* signature() const noexcept - { - return m_signature; - } + ZT_INLINE const uint8_t *signature() const noexcept { return m_signature; } - ZT_INLINE unsigned int signatureLength() const noexcept - { - return m_signatureLength; - } + ZT_INLINE unsigned int signatureLength() const noexcept { return m_signatureLength; } /** * Sign this tag @@ -126,7 +95,7 @@ class TagCredential : public Credential { * @param signer Signing identity, must have private key * @return True if signature was successful */ - bool sign(const Identity& signer) noexcept; + bool sign(const Identity &signer) noexcept; /** * Check this tag's signature @@ -134,82 +103,61 @@ class TagCredential : public Credential { * @param RR Runtime environment to allow identity lookup for signedBy * @param tPtr Thread pointer to be handed through to any callbacks called as a result of this call */ - ZT_INLINE Credential::VerifyResult verify(const Context& ctx, const CallContext& cc) const noexcept + ZT_INLINE Credential::VerifyResult verify(const Context &ctx, const CallContext &cc) const noexcept { return s_verify(ctx, cc, *this); } - static constexpr int marshalSizeMax() noexcept - { - return ZT_TAG_MARSHAL_SIZE_MAX; - } + static constexpr int marshalSizeMax() noexcept { return ZT_TAG_MARSHAL_SIZE_MAX; } int marshal(uint8_t data[ZT_TAG_MARSHAL_SIZE_MAX], bool forSign = false) const noexcept; - int unmarshal(const uint8_t* data, int len) noexcept; + int unmarshal(const uint8_t *data, int len) noexcept; // Provides natural sort order by ID - ZT_INLINE bool operator<(const TagCredential& t) const noexcept - { - return (m_id < t.m_id); - } + ZT_INLINE bool operator<(const TagCredential &t) const noexcept { return (m_id < t.m_id); } - ZT_INLINE bool operator==(const TagCredential& t) const noexcept + ZT_INLINE bool operator==(const TagCredential &t) const noexcept { return (memcmp(this, &t, sizeof(TagCredential)) == 0); } - ZT_INLINE bool operator!=(const TagCredential& t) const noexcept + ZT_INLINE bool operator!=(const TagCredential &t) const noexcept { return (memcmp(this, &t, sizeof(TagCredential)) != 0); } // For searching sorted arrays or lists of Tags by ID struct IdComparePredicate { - ZT_INLINE bool operator()(const TagCredential& a, const TagCredential& b) const noexcept + ZT_INLINE bool operator()(const TagCredential &a, const TagCredential &b) const noexcept { return (a.id() < b.id()); } - ZT_INLINE bool operator()(const uint32_t a, const TagCredential& b) const noexcept - { - return (a < b.id()); - } + ZT_INLINE bool operator()(const uint32_t a, const TagCredential &b) const noexcept { return (a < b.id()); } - ZT_INLINE bool operator()(const TagCredential& a, const uint32_t b) const noexcept - { - return (a.id() < b); - } + ZT_INLINE bool operator()(const TagCredential &a, const uint32_t b) const noexcept { return (a.id() < b); } - ZT_INLINE bool operator()(const TagCredential* a, const TagCredential* b) const noexcept + ZT_INLINE bool operator()(const TagCredential *a, const TagCredential *b) const noexcept { return (a->id() < b->id()); } - ZT_INLINE bool operator()(const TagCredential* a, const TagCredential& b) const noexcept + ZT_INLINE bool operator()(const TagCredential *a, const TagCredential &b) const noexcept { return (a->id() < b.id()); } - ZT_INLINE bool operator()(const TagCredential& a, const TagCredential* b) const noexcept + ZT_INLINE bool operator()(const TagCredential &a, const TagCredential *b) const noexcept { return (a.id() < b->id()); } - ZT_INLINE bool operator()(const uint32_t a, const TagCredential* b) const noexcept - { - return (a < b->id()); - } + ZT_INLINE bool operator()(const uint32_t a, const TagCredential *b) const noexcept { return (a < b->id()); } - ZT_INLINE bool operator()(const TagCredential* a, const uint32_t b) const noexcept - { - return (a->id() < b); - } + ZT_INLINE bool operator()(const TagCredential *a, const uint32_t b) const noexcept { return (a->id() < b); } - ZT_INLINE bool operator()(const uint32_t a, const uint32_t b) const noexcept - { - return (a < b); - } + ZT_INLINE bool operator()(const uint32_t a, const uint32_t b) const noexcept { return (a < b); } }; private: diff --git a/core/Tests.cpp b/core/Tests.cpp index a65635bd1..7d3c24e8a 100644 --- a/core/Tests.cpp +++ b/core/Tests.cpp @@ -2378,7 +2378,8 @@ extern "C" const char *ZTT_crypto() ZT_CERTIFICATE_PUBLIC_KEY_ALGORITHM_ECDSA_NIST_P_384, cert->publicKey, (int *)&cert->publicKeySize, certPrivateKey, &certPrivateKeySize); - auto csr = Certificate::createCSR(cert->subject, certPrivateKey, certPrivateKeySize, uniqueIdPrivate, uniqueIdPrivateKeySize); + auto csr = Certificate::createCSR( + cert->subject, certPrivateKey, certPrivateKeySize, uniqueIdPrivate, uniqueIdPrivateKeySize); if (csr.empty()) { ZT_T_PRINTF("FAILED (create CSR failed)" ZT_EOL_S); return "Create CSR"; diff --git a/core/Tests.h b/core/Tests.h index b2f80c3e0..9bf004239 100644 --- a/core/Tests.h +++ b/core/Tests.h @@ -57,7 +57,7 @@ extern "C" { /** * Test platform, compiler behavior, utility functions, and core classes */ -const char* ZTT_general(); +const char *ZTT_general(); /** * Test crypto using test vectors and simple scenarios @@ -65,12 +65,12 @@ const char* ZTT_general(); * This is not an absolutely exhaustive test, just a sanity check to make sure * crypto routines are basically working. */ -const char* ZTT_crypto(); +const char *ZTT_crypto(); /** * Run benchmarks of cryptographic routines and common constructions */ -const char* ZTT_benchmarkCrypto(); +const char *ZTT_benchmarkCrypto(); #ifdef __cplusplus } diff --git a/core/TinyMap.hpp b/core/TinyMap.hpp index a4fd5571f..05747af39 100644 --- a/core/TinyMap.hpp +++ b/core/TinyMap.hpp @@ -38,17 +38,12 @@ namespace ZeroTier { */ template class TinyMap { private: - typedef Vector > EV; + typedef Vector> EV; public: - ZT_INLINE TinyMap() - { - } + ZT_INLINE TinyMap() {} - ZT_INLINE ~TinyMap() - { - this->clear(); - } + ZT_INLINE ~TinyMap() { this->clear(); } ZT_INLINE void clear() { @@ -57,7 +52,7 @@ template class TinyMap { const uintptr_t vptr = m_buckets[i].exchange(ZT_TINYMAP_LOCKED_POINTER, std::memory_order_acquire); if (likely(vptr != ZT_TINYMAP_LOCKED_POINTER)) { if (vptr != 0) - delete reinterpret_cast(vptr); + delete reinterpret_cast(vptr); m_buckets[i].store(0, std::memory_order_release); break; } @@ -71,12 +66,13 @@ template class TinyMap { ZT_INLINE V get(const uint64_t key) noexcept { V tmp; - std::atomic& bucket = m_buckets[(key ^ (key >> 32)) & ZT_TINYMAP_BUCKETS_MASK]; + std::atomic &bucket = m_buckets[(key ^ (key >> 32)) & ZT_TINYMAP_BUCKETS_MASK]; for (;;) { const uintptr_t vptr = bucket.exchange(ZT_TINYMAP_LOCKED_POINTER, std::memory_order_acquire); if (likely(vptr != ZT_TINYMAP_LOCKED_POINTER)) { if (likely(vptr != 0)) { - for (typename EV::const_iterator n(reinterpret_cast(vptr)->begin()); n != reinterpret_cast(vptr)->end(); ++n) { + for (typename EV::const_iterator n(reinterpret_cast(vptr)->begin()); + n != reinterpret_cast(vptr)->end(); ++n) { if (likely(n->first == key)) { tmp = n->second; break; @@ -92,9 +88,9 @@ template class TinyMap { } } - ZT_INLINE void set(const uint64_t key, const V& value) + ZT_INLINE void set(const uint64_t key, const V &value) { - std::atomic& bucket = m_buckets[(key ^ (key >> 32)) & ZT_TINYMAP_BUCKETS_MASK]; + std::atomic &bucket = m_buckets[(key ^ (key >> 32)) & ZT_TINYMAP_BUCKETS_MASK]; for (;;) { uintptr_t vptr = bucket.exchange(ZT_TINYMAP_LOCKED_POINTER, std::memory_order_acquire); if (likely(vptr != ZT_TINYMAP_LOCKED_POINTER)) { @@ -102,7 +98,8 @@ template class TinyMap { vptr = reinterpret_cast(new EV()); } else { - for (typename EV::iterator n(reinterpret_cast(vptr)->begin()); n != reinterpret_cast(vptr)->end(); ++n) { + for (typename EV::iterator n(reinterpret_cast(vptr)->begin()); + n != reinterpret_cast(vptr)->end(); ++n) { if (n->first == key) { n->second = value; bucket.store(vptr, std::memory_order_release); @@ -110,7 +107,7 @@ template class TinyMap { } } } - reinterpret_cast(vptr)->push_back(std::pair(key, value)); + reinterpret_cast(vptr)->push_back(std::pair(key, value)); bucket.store(vptr, std::memory_order_release); return; } @@ -122,19 +119,20 @@ template class TinyMap { ZT_INLINE void erase(const uint64_t key) { - std::atomic& bucket = m_buckets[(key ^ (key >> 32)) & ZT_TINYMAP_BUCKETS_MASK]; + std::atomic &bucket = m_buckets[(key ^ (key >> 32)) & ZT_TINYMAP_BUCKETS_MASK]; for (;;) { uintptr_t vptr = bucket.exchange(ZT_TINYMAP_LOCKED_POINTER, std::memory_order_acquire); if (likely(vptr != ZT_TINYMAP_LOCKED_POINTER)) { if (likely(vptr != 0)) { - for (typename EV::iterator n(reinterpret_cast(vptr)->begin()); n != reinterpret_cast(vptr)->end(); ++n) { + for (typename EV::iterator n(reinterpret_cast(vptr)->begin()); + n != reinterpret_cast(vptr)->end(); ++n) { if (n->first == key) { - reinterpret_cast(vptr)->erase(n); + reinterpret_cast(vptr)->erase(n); break; } } - if (reinterpret_cast(vptr)->empty()) { - delete reinterpret_cast(vptr); + if (reinterpret_cast(vptr)->empty()) { + delete reinterpret_cast(vptr); vptr = 0; } } diff --git a/core/Topology.cpp b/core/Topology.cpp index fc0e45a78..1572137cb 100644 --- a/core/Topology.cpp +++ b/core/Topology.cpp @@ -19,14 +19,12 @@ namespace ZeroTier { -Topology::Topology(const Context& ctx, const CallContext& cc) : m_ctx(ctx) -{ -} +Topology::Topology(const Context &ctx, const CallContext &cc) : m_ctx(ctx) {} -SharedPtr Topology::add(const CallContext& cc, const SharedPtr& peer) +SharedPtr Topology::add(const CallContext &cc, const SharedPtr &peer) { RWMutex::Lock _l(m_peers_l); - SharedPtr& hp = m_peers[peer->address()]; + SharedPtr &hp = m_peers[peer->address()]; if (hp) return hp; m_loadCached(cc, peer->address(), hp); @@ -36,13 +34,13 @@ SharedPtr Topology::add(const CallContext& cc, const SharedPtr& peer return peer; } -void Topology::allPeers(Vector >& allPeers, Vector >& rootPeers) const +void Topology::allPeers(Vector> &allPeers, Vector> &rootPeers) const { allPeers.clear(); { RWMutex::RLock l(m_peers_l); allPeers.reserve(m_peers.size()); - for (Map >::const_iterator i(m_peers.begin()); i != m_peers.end(); ++i) + for (Map>::const_iterator i(m_peers.begin()); i != m_peers.end(); ++i) allPeers.push_back(i->second); } { @@ -51,7 +49,7 @@ void Topology::allPeers(Vector >& allPeers, Vector rootLookup; @@ -59,7 +57,7 @@ void Topology::doPeriodicTasks(const CallContext& cc) Mutex::Lock l(m_roots_l); m_rankRoots(); rootLookup.reserve(m_roots.size()); - for (Vector >::const_iterator r(m_roots.begin()); r != m_roots.end(); ++r) + for (Vector>::const_iterator r(m_roots.begin()); r != m_roots.end(); ++r) rootLookup.push_back((uintptr_t)r->ptr()); } std::sort(rootLookup.begin(), rootLookup.end()); @@ -71,20 +69,22 @@ void Topology::doPeriodicTasks(const CallContext& cc) Vector

toDelete; { RWMutex::RLock l1(m_peers_l); - for (Map >::iterator i(m_peers.begin()); i != m_peers.end(); ++i) { + for (Map>::iterator i(m_peers.begin()); i != m_peers.end(); ++i) { // TODO: also delete if the peer has not exchanged meaningful communication in a while, such as a // network frame or non-trivial control packet. - if (((cc.ticks - i->second->lastReceive()) > ZT_PEER_ALIVE_TIMEOUT) && (! std::binary_search(rootLookup.begin(), rootLookup.end(), reinterpret_cast(i->second.ptr())))) + if (((cc.ticks - i->second->lastReceive()) > ZT_PEER_ALIVE_TIMEOUT) + && (!std::binary_search( + rootLookup.begin(), rootLookup.end(), reinterpret_cast(i->second.ptr())))) toDelete.push_back(i->first); } } - if (! toDelete.empty()) { + if (!toDelete.empty()) { ZT_SPEW("garbage collecting %u offline or stale peer objects", (unsigned int)toDelete.size()); for (Vector
::iterator i(toDelete.begin()); i != toDelete.end(); ++i) { SharedPtr toSave; { RWMutex::Lock l1(m_peers_l); - const Map >::iterator p(m_peers.find(*i)); + const Map>::iterator p(m_peers.find(*i)); if (p != m_peers.end()) { p->second.swap(toSave); m_peers.erase(p); @@ -97,11 +97,11 @@ void Topology::doPeriodicTasks(const CallContext& cc) } { - Vector toDelete; + Vector toDelete; { RWMutex::Lock l1(m_paths_l); - for (Map >::iterator i(m_paths.begin()); i != m_paths.end();) { - Path* const d = i->second.weakGC(); + for (Map>::iterator i(m_paths.begin()); i != m_paths.end();) { + Path *const d = i->second.weakGC(); if (likely(d == nullptr)) { ++i; } @@ -116,24 +116,24 @@ void Topology::doPeriodicTasks(const CallContext& cc) } } } - if (! toDelete.empty()) { - for (Vector::iterator i(toDelete.begin()); i != toDelete.end(); ++i) + if (!toDelete.empty()) { + for (Vector::iterator i(toDelete.begin()); i != toDelete.end(); ++i) delete *i; ZT_SPEW("garbage collected %u orphaned paths", (unsigned int)toDelete.size()); } } } -void Topology::trustStoreChanged(const CallContext& cc) +void Topology::trustStoreChanged(const CallContext &cc) { - Map > roots(m_ctx.ts->roots()); + Map> roots(m_ctx.ts->roots()); - Vector > newRootList; + Vector> newRootList; newRootList.reserve(roots.size()); - for (Map >::const_iterator r(roots.begin()); r != roots.end(); ++r) { + for (Map>::const_iterator r(roots.begin()); r != roots.end(); ++r) { SharedPtr root(this->peer(cc, r->first.address(), true)); - if (! root) { + if (!root) { root.set(new Peer()); if (root->init(m_ctx, cc, r->first)) { root = this->add(cc, root); @@ -156,15 +156,15 @@ void Topology::trustStoreChanged(const CallContext& cc) } } -void Topology::saveAll(const CallContext& cc) +void Topology::saveAll(const CallContext &cc) { RWMutex::RLock l(m_peers_l); - for (Map >::iterator i(m_peers.begin()); i != m_peers.end(); ++i) + for (Map>::iterator i(m_peers.begin()); i != m_peers.end(); ++i) i->second->save(m_ctx, cc); } struct p_RootRankingComparisonOperator { - ZT_INLINE bool operator()(const SharedPtr& a, const SharedPtr& b) const noexcept + ZT_INLINE bool operator()(const SharedPtr &a, const SharedPtr &b) const noexcept { // Sort roots first in order of which root has spoken most recently, but // only at a resolution of ZT_PATH_KEEPALIVE_PERIOD/2 units of time. This @@ -202,7 +202,7 @@ void Topology::m_rankRoots() } } -void Topology::m_loadCached(const CallContext& cc, const Address& zta, SharedPtr& peer) +void Topology::m_loadCached(const CallContext &cc, const Address &zta, SharedPtr &peer) { // does not require any locks to be held @@ -212,12 +212,12 @@ void Topology::m_loadCached(const CallContext& cc, const Address& zta, SharedPtr id[1] = 0; Vector data(m_ctx.store->get(cc, ZT_STATE_OBJECT_PEER, id, 1)); if (data.size() > 8) { - const uint8_t* d = data.data(); - int dl = (int)data.size(); + const uint8_t *d = data.data(); + int dl = (int)data.size(); const int64_t ts = (int64_t)Utils::loadBigEndian(d); - Peer* const p = new Peer(); - int n = p->unmarshal(m_ctx, cc.ticks, d + 8, dl - 8); + Peer *const p = new Peer(); + int n = p->unmarshal(m_ctx, cc.ticks, d + 8, dl - 8); if (n < 0) { delete p; return; @@ -234,13 +234,13 @@ void Topology::m_loadCached(const CallContext& cc, const Address& zta, SharedPtr } } -SharedPtr Topology::m_peerFromCached(const CallContext& cc, const Address& zta) +SharedPtr Topology::m_peerFromCached(const CallContext &cc, const Address &zta) { SharedPtr p; m_loadCached(cc, zta, p); if (p) { RWMutex::Lock l(m_peers_l); - SharedPtr& hp = m_peers[zta]; + SharedPtr &hp = m_peers[zta]; if (hp) return hp; hp = p; @@ -248,11 +248,11 @@ SharedPtr Topology::m_peerFromCached(const CallContext& cc, const Address& return p; } -SharedPtr Topology::m_newPath(const int64_t l, const InetAddress& r, const Path::Key& k) +SharedPtr Topology::m_newPath(const int64_t l, const InetAddress &r, const Path::Key &k) { SharedPtr p(new Path(l, r)); RWMutex::Lock lck(m_paths_l); - SharedPtr& p2 = m_paths[k]; + SharedPtr &p2 = m_paths[k]; if (p2) return p2; p2 = p; diff --git a/core/Topology.hpp b/core/Topology.hpp index f7a19237f..f910c4286 100644 --- a/core/Topology.hpp +++ b/core/Topology.hpp @@ -39,7 +39,7 @@ class Context; */ class Topology { public: - Topology(const Context& ctx, const CallContext& cc); + Topology(const Context &ctx, const CallContext &cc); /** * Add peer to database @@ -50,7 +50,7 @@ class Topology { * @param peer Peer to add * @return New or existing peer */ - SharedPtr add(const CallContext& cc, const SharedPtr& peer); + SharedPtr add(const CallContext &cc, const SharedPtr &peer); /** * Get a peer from its address @@ -59,11 +59,11 @@ class Topology { * @param loadFromCached If false do not load from cache if not in memory (default: true) * @return Peer or NULL if not found */ - ZT_INLINE SharedPtr peer(const CallContext& cc, const Address& zta, const bool loadFromCached = true) + ZT_INLINE SharedPtr peer(const CallContext &cc, const Address &zta, const bool loadFromCached = true) { { RWMutex::RLock l(m_peers_l); - Map >::const_iterator ap(m_peers.find(zta)); + Map>::const_iterator ap(m_peers.find(zta)); if (likely(ap != m_peers.end())) return ap->second; } @@ -79,12 +79,12 @@ class Topology { * @param r Remote address * @return Pointer to canonicalized Path object or NULL on error */ - ZT_INLINE SharedPtr path(const int64_t l, const InetAddress& r) + ZT_INLINE SharedPtr path(const int64_t l, const InetAddress &r) { const Path::Key k(r); { RWMutex::RLock lck(m_paths_l); - Map >::const_iterator p(m_paths.find(k)); + Map>::const_iterator p(m_paths.find(k)); if (likely(p != m_paths.end())) return p->second; } @@ -109,7 +109,7 @@ class Topology { * * @param root Set to best root or nullptr if none */ - ZT_INLINE void root(SharedPtr& root) + ZT_INLINE void root(SharedPtr &root) { l_bestRoot.lock(); // spinlock root = m_bestRoot; @@ -120,17 +120,17 @@ class Topology { * @param allPeers Vector to fill with all current peers * @param rootPeers Vector to fill with peers that are roots */ - void allPeers(Vector >& allPeers, Vector >& rootPeers) const; + void allPeers(Vector> &allPeers, Vector> &rootPeers) const; /** * Do periodic tasks such as database cleanup, cert cleanup, root ranking, etc. */ - void doPeriodicTasks(const CallContext& cc); + void doPeriodicTasks(const CallContext &cc); /** * Rank root servers in descending order of quality */ - ZT_INLINE void rankRoots(const CallContext& cc) + ZT_INLINE void rankRoots(const CallContext &cc) { Mutex::Lock l(m_roots_l); m_rankRoots(); @@ -139,24 +139,24 @@ class Topology { /** * Perform internal updates based on changes in the trust store */ - void trustStoreChanged(const CallContext& cc); + void trustStoreChanged(const CallContext &cc); /** * Save all currently known peers to data store */ - void saveAll(const CallContext& cc); + void saveAll(const CallContext &cc); private: void m_rankRoots(); - void m_loadCached(const CallContext& cc, const Address& zta, SharedPtr& peer); - SharedPtr m_peerFromCached(const CallContext& cc, const Address& zta); - SharedPtr m_newPath(int64_t l, const InetAddress& r, const Path::Key& k); + void m_loadCached(const CallContext &cc, const Address &zta, SharedPtr &peer); + SharedPtr m_peerFromCached(const CallContext &cc, const Address &zta); + SharedPtr m_newPath(int64_t l, const InetAddress &r, const Path::Key &k); - const Context& m_ctx; + const Context &m_ctx; - Vector > m_roots; - Map > m_peers; - Map > m_paths; + Vector> m_roots; + Map> m_peers; + Map> m_paths; RWMutex m_peers_l; // m_peers RWMutex m_paths_l; // m_paths diff --git a/core/Trace.cpp b/core/Trace.cpp index dabef9ef8..a58eb13f0 100644 --- a/core/Trace.cpp +++ b/core/Trace.cpp @@ -23,11 +23,9 @@ namespace ZeroTier { -Trace::Trace(const Context& ctx) : m_ctx(ctx), m_traceFlags(0) -{ -} +Trace::Trace(const Context &ctx) : m_ctx(ctx), m_traceFlags(0) {} -void Trace::unexpectedError(const CallContext& cc, uint32_t codeLocation, const char* message, ...) +void Trace::unexpectedError(const CallContext &cc, uint32_t codeLocation, const char *message, ...) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_UNEXPECTED_ERROR); @@ -37,7 +35,9 @@ void Trace::unexpectedError(const CallContext& cc, uint32_t codeLocation, const m_ctx.node->postEvent(cc.tPtr, ZT_EVENT_TRACE, buf.data()); } -void Trace::m_resettingPathsInScope(void* tPtr, uint32_t codeLocation, const Identity& reporter, const InetAddress& from, const InetAddress& oldExternal, const InetAddress& newExternal, ZT_InetAddress_IpScope scope) +void Trace::m_resettingPathsInScope( + void *tPtr, uint32_t codeLocation, const Identity &reporter, const InetAddress &from, + const InetAddress &oldExternal, const InetAddress &newExternal, ZT_InetAddress_IpScope scope) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_RESETTING_PATHS_IN_SCOPE); @@ -56,14 +56,9 @@ void Trace::m_resettingPathsInScope(void* tPtr, uint32_t codeLocation, const Ide } void Trace::m_tryingNewPath( - void* tPtr, - uint32_t codeLocation, - const Identity& trying, - const InetAddress& physicalAddress, - const InetAddress& triggerAddress, - uint64_t triggeringPacketId, - uint8_t triggeringPacketVerb, - const Identity& triggeringPeer) + void *tPtr, uint32_t codeLocation, const Identity &trying, const InetAddress &physicalAddress, + const InetAddress &triggerAddress, uint64_t triggeringPacketId, uint8_t triggeringPacketVerb, + const Identity &triggeringPeer) { if ((trying) && (physicalAddress)) { FCV buf; @@ -82,7 +77,9 @@ void Trace::m_tryingNewPath( } } -void Trace::m_learnedNewPath(void* tPtr, uint32_t codeLocation, uint64_t packetId, const Identity& peerIdentity, const InetAddress& physicalAddress, const InetAddress& replaced) +void Trace::m_learnedNewPath( + void *tPtr, uint32_t codeLocation, uint64_t packetId, const Identity &peerIdentity, + const InetAddress &physicalAddress, const InetAddress &replaced) { if (peerIdentity) { FCV buf; @@ -99,7 +96,9 @@ void Trace::m_learnedNewPath(void* tPtr, uint32_t codeLocation, uint64_t packetI } } -void Trace::m_incomingPacketDropped(void* tPtr, uint32_t codeLocation, uint64_t packetId, uint64_t networkId, const Identity& peerIdentity, const InetAddress& physicalAddress, uint8_t hops, uint8_t verb, ZT_TracePacketDropReason reason) +void Trace::m_incomingPacketDropped( + void *tPtr, uint32_t codeLocation, uint64_t packetId, uint64_t networkId, const Identity &peerIdentity, + const InetAddress &physicalAddress, uint8_t hops, uint8_t verb, ZT_TracePacketDropReason reason) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_INCOMING_PACKET_DROPPED); @@ -117,7 +116,9 @@ void Trace::m_incomingPacketDropped(void* tPtr, uint32_t codeLocation, uint64_t m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data()); } -void Trace::m_outgoingNetworkFrameDropped(void* tPtr, uint32_t codeLocation, uint64_t networkId, const MAC& sourceMac, const MAC& destMac, uint16_t etherType, uint16_t frameLength, const uint8_t* frameData, ZT_TraceFrameDropReason reason) +void Trace::m_outgoingNetworkFrameDropped( + void *tPtr, uint32_t codeLocation, uint64_t networkId, const MAC &sourceMac, const MAC &destMac, uint16_t etherType, + uint16_t frameLength, const uint8_t *frameData, ZT_TraceFrameDropReason reason) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL1_INCOMING_PACKET_DROPPED); @@ -128,26 +129,17 @@ void Trace::m_outgoingNetworkFrameDropped(void* tPtr, uint32_t codeLocation, uin Dictionary::append(buf, ZT_TRACE_FIELD_ETHERTYPE, etherType); Dictionary::append(buf, ZT_TRACE_FIELD_FRAME_LENGTH, frameLength); if (frameData) - Dictionary::append(buf, ZT_TRACE_FIELD_FRAME_DATA, frameData, std::min((unsigned int)64, (unsigned int)frameLength)); + Dictionary::append( + buf, ZT_TRACE_FIELD_FRAME_DATA, frameData, std::min((unsigned int)64, (unsigned int)frameLength)); Dictionary::append(buf, ZT_TRACE_FIELD_REASON, reason); buf.push_back(0); m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data()); } void Trace::m_incomingNetworkFrameDropped( - void* tPtr, - uint32_t codeLocation, - uint64_t networkId, - const MAC& sourceMac, - const MAC& destMac, - const uint16_t etherType, - const Identity& peerIdentity, - const InetAddress& physicalAddress, - uint8_t hops, - uint16_t frameLength, - const uint8_t* frameData, - uint8_t verb, - bool credentialRequestSent, + void *tPtr, uint32_t codeLocation, uint64_t networkId, const MAC &sourceMac, const MAC &destMac, + const uint16_t etherType, const Identity &peerIdentity, const InetAddress &physicalAddress, uint8_t hops, + uint16_t frameLength, const uint8_t *frameData, uint8_t verb, bool credentialRequestSent, ZT_TraceFrameDropReason reason) { FCV buf; @@ -164,14 +156,15 @@ void Trace::m_incomingNetworkFrameDropped( Dictionary::append(buf, ZT_TRACE_FIELD_PACKET_VERB, verb); Dictionary::append(buf, ZT_TRACE_FIELD_FRAME_LENGTH, frameLength); if (frameData) - Dictionary::append(buf, ZT_TRACE_FIELD_FRAME_DATA, frameData, std::min((unsigned int)64, (unsigned int)frameLength)); + Dictionary::append( + buf, ZT_TRACE_FIELD_FRAME_DATA, frameData, std::min((unsigned int)64, (unsigned int)frameLength)); Dictionary::append(buf, ZT_TRACE_FIELD_FLAG_CREDENTIAL_REQUEST_SENT, credentialRequestSent); Dictionary::append(buf, ZT_TRACE_FIELD_REASON, reason); buf.push_back(0); m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data()); } -void Trace::m_networkConfigRequestSent(void* tPtr, uint32_t codeLocation, uint64_t networkId) +void Trace::m_networkConfigRequestSent(void *tPtr, uint32_t codeLocation, uint64_t networkId) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL2_NETWORK_CONFIG_REQUESTED); @@ -182,32 +175,18 @@ void Trace::m_networkConfigRequestSent(void* tPtr, uint32_t codeLocation, uint64 } void Trace::m_networkFilter( - void* tPtr, - uint32_t codeLocation, - uint64_t networkId, - const uint8_t* primaryRuleSetLog, - const uint8_t* matchingCapabilityRuleSetLog, - uint32_t matchingCapabilityId, - int64_t matchingCapabilityTimestamp, - const Address& source, - const Address& dest, - const MAC& sourceMac, - const MAC& destMac, - uint16_t frameLength, - const uint8_t* frameData, - uint16_t etherType, - uint16_t vlanId, - bool noTee, - bool inbound, - int accept) + void *tPtr, uint32_t codeLocation, uint64_t networkId, const uint8_t *primaryRuleSetLog, + const uint8_t *matchingCapabilityRuleSetLog, uint32_t matchingCapabilityId, int64_t matchingCapabilityTimestamp, + const Address &source, const Address &dest, const MAC &sourceMac, const MAC &destMac, uint16_t frameLength, + const uint8_t *frameData, uint16_t etherType, uint16_t vlanId, bool noTee, bool inbound, int accept) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL2_NETWORK_FILTER); Dictionary::append(buf, ZT_TRACE_FIELD_CODE_LOCATION, codeLocation); Dictionary::append(buf, ZT_TRACE_FIELD_NETWORK_ID, networkId); - if ((primaryRuleSetLog) && (! Utils::allZero(primaryRuleSetLog, 512))) + if ((primaryRuleSetLog) && (!Utils::allZero(primaryRuleSetLog, 512))) Dictionary::append(buf, ZT_TRACE_FIELD_PRIMARY_RULE_SET_LOG, primaryRuleSetLog, 512); - if ((matchingCapabilityRuleSetLog) && (! Utils::allZero(matchingCapabilityRuleSetLog, 512))) + if ((matchingCapabilityRuleSetLog) && (!Utils::allZero(matchingCapabilityRuleSetLog, 512))) Dictionary::append(buf, ZT_TRACE_FIELD_MATCHING_CAPABILITY_RULE_SET_LOG, matchingCapabilityRuleSetLog, 512); Dictionary::append(buf, ZT_TRACE_FIELD_MATCHING_CAPABILITY_ID, matchingCapabilityId); Dictionary::append(buf, ZT_TRACE_FIELD_MATCHING_CAPABILITY_TIMESTAMP, matchingCapabilityTimestamp); @@ -217,7 +196,8 @@ void Trace::m_networkFilter( Dictionary::append(buf, ZT_TRACE_FIELD_DEST_MAC, destMac.toInt()); Dictionary::append(buf, ZT_TRACE_FIELD_FRAME_LENGTH, frameLength); if (frameData) - Dictionary::append(buf, ZT_TRACE_FIELD_FRAME_DATA, frameData, std::min((unsigned int)64, (unsigned int)frameLength)); + Dictionary::append( + buf, ZT_TRACE_FIELD_FRAME_DATA, frameData, std::min((unsigned int)64, (unsigned int)frameLength)); Dictionary::append(buf, ZT_TRACE_FIELD_ETHERTYPE, etherType); Dictionary::append(buf, ZT_TRACE_FIELD_VLAN_ID, vlanId); Dictionary::append(buf, ZT_TRACE_FIELD_RULE_FLAG_NOTEE, noTee); @@ -227,7 +207,9 @@ void Trace::m_networkFilter( m_ctx.node->postEvent(tPtr, ZT_EVENT_TRACE, buf.data()); } -void Trace::m_credentialRejected(void* tPtr, uint32_t codeLocation, uint64_t networkId, const Identity& identity, uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason) +void Trace::m_credentialRejected( + void *tPtr, uint32_t codeLocation, uint64_t networkId, const Identity &identity, uint32_t credentialId, + int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason) { FCV buf; Dictionary::append(buf, ZT_TRACE_FIELD_TYPE, ZT_TRACE_VL2_NETWORK_CREDENTIAL_REJECTED); diff --git a/core/Trace.hpp b/core/Trace.hpp index c5baaeb48..0fb863220 100644 --- a/core/Trace.hpp +++ b/core/Trace.hpp @@ -71,209 +71,144 @@ class Trace { l[rn >> 1U] |= (thisSetMatches + 1U) << ((rn & 1U) << 2U); } - ZT_INLINE void clear() noexcept - { - memoryZero(this); - } + ZT_INLINE void clear() noexcept { memoryZero(this); } }; - explicit Trace(const Context& ctx); + explicit Trace(const Context &ctx); - void unexpectedError(const CallContext& cc, uint32_t codeLocation, const char* message, ...); + void unexpectedError(const CallContext &cc, uint32_t codeLocation, const char *message, ...); - ZT_INLINE void - resettingPathsInScope(const CallContext& cc, const uint32_t codeLocation, const Identity& reporter, const InetAddress& from, const InetAddress& oldExternal, const InetAddress& newExternal, const InetAddress::IpScope scope) + ZT_INLINE void resettingPathsInScope( + const CallContext &cc, const uint32_t codeLocation, const Identity &reporter, const InetAddress &from, + const InetAddress &oldExternal, const InetAddress &newExternal, const InetAddress::IpScope scope) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0)) m_resettingPathsInScope(cc.tPtr, codeLocation, reporter, from, oldExternal, newExternal, scope); } ZT_INLINE void tryingNewPath( - const CallContext& cc, - const uint32_t codeLocation, - const Identity& trying, - const InetAddress& physicalAddress, - const InetAddress& triggerAddress, - uint64_t triggeringPacketId, - uint8_t triggeringPacketVerb, - const Identity& triggeringPeer) + const CallContext &cc, const uint32_t codeLocation, const Identity &trying, const InetAddress &physicalAddress, + const InetAddress &triggerAddress, uint64_t triggeringPacketId, uint8_t triggeringPacketVerb, + const Identity &triggeringPeer) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0)) - m_tryingNewPath(cc.tPtr, codeLocation, trying, physicalAddress, triggerAddress, triggeringPacketId, triggeringPacketVerb, triggeringPeer); + m_tryingNewPath( + cc.tPtr, codeLocation, trying, physicalAddress, triggerAddress, triggeringPacketId, + triggeringPacketVerb, triggeringPeer); } - ZT_INLINE void learnedNewPath(const CallContext& cc, const uint32_t codeLocation, uint64_t packetId, const Identity& peerIdentity, const InetAddress& physicalAddress, const InetAddress& replaced) + ZT_INLINE void learnedNewPath( + const CallContext &cc, const uint32_t codeLocation, uint64_t packetId, const Identity &peerIdentity, + const InetAddress &physicalAddress, const InetAddress &replaced) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0)) m_learnedNewPath(cc.tPtr, codeLocation, packetId, peerIdentity, physicalAddress, replaced); } ZT_INLINE void incomingPacketDropped( - const CallContext& cc, - const uint32_t codeLocation, - uint64_t packetId, - uint64_t networkId, - const Identity& peerIdentity, - const InetAddress& physicalAddress, - uint8_t hops, - uint8_t verb, + const CallContext &cc, const uint32_t codeLocation, uint64_t packetId, uint64_t networkId, + const Identity &peerIdentity, const InetAddress &physicalAddress, uint8_t hops, uint8_t verb, const ZT_TracePacketDropReason reason) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL1) != 0)) - m_incomingPacketDropped(cc.tPtr, codeLocation, packetId, networkId, peerIdentity, physicalAddress, hops, verb, reason); + m_incomingPacketDropped( + cc.tPtr, codeLocation, packetId, networkId, peerIdentity, physicalAddress, hops, verb, reason); } ZT_INLINE void outgoingNetworkFrameDropped( - const CallContext& cc, - const uint32_t codeLocation, - uint64_t networkId, - const MAC& sourceMac, - const MAC& destMac, - uint16_t etherType, - uint16_t frameLength, - const uint8_t* frameData, + const CallContext &cc, const uint32_t codeLocation, uint64_t networkId, const MAC &sourceMac, + const MAC &destMac, uint16_t etherType, uint16_t frameLength, const uint8_t *frameData, ZT_TraceFrameDropReason reason) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0)) - m_outgoingNetworkFrameDropped(cc.tPtr, codeLocation, networkId, sourceMac, destMac, etherType, frameLength, frameData, reason); + m_outgoingNetworkFrameDropped( + cc.tPtr, codeLocation, networkId, sourceMac, destMac, etherType, frameLength, frameData, reason); } ZT_INLINE void incomingNetworkFrameDropped( - const CallContext& cc, - const uint32_t codeLocation, - uint64_t networkId, - const MAC& sourceMac, - const MAC& destMac, - const uint16_t etherType, - const Identity& peerIdentity, - const InetAddress& physicalAddress, - uint8_t hops, - uint16_t frameLength, - const uint8_t* frameData, - uint8_t verb, - bool credentialRequestSent, + const CallContext &cc, const uint32_t codeLocation, uint64_t networkId, const MAC &sourceMac, + const MAC &destMac, const uint16_t etherType, const Identity &peerIdentity, const InetAddress &physicalAddress, + uint8_t hops, uint16_t frameLength, const uint8_t *frameData, uint8_t verb, bool credentialRequestSent, ZT_TraceFrameDropReason reason) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0)) - m_incomingNetworkFrameDropped(cc.tPtr, codeLocation, networkId, sourceMac, destMac, etherType, peerIdentity, physicalAddress, hops, frameLength, frameData, verb, credentialRequestSent, reason); + m_incomingNetworkFrameDropped( + cc.tPtr, codeLocation, networkId, sourceMac, destMac, etherType, peerIdentity, physicalAddress, hops, + frameLength, frameData, verb, credentialRequestSent, reason); } - ZT_INLINE void networkConfigRequestSent(const CallContext& cc, const uint32_t codeLocation, uint64_t networkId) + ZT_INLINE void networkConfigRequestSent(const CallContext &cc, const uint32_t codeLocation, uint64_t networkId) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0)) m_networkConfigRequestSent(cc.tPtr, codeLocation, networkId); } ZT_INLINE void networkFilter( - const CallContext& cc, - const uint32_t codeLocation, - uint64_t networkId, - const uint8_t primaryRuleSetLog[512], - const uint8_t matchingCapabilityRuleSetLog[512], - uint32_t matchingCapabilityId, - int64_t matchingCapabilityTimestamp, - const Address& source, - const Address& dest, - const MAC& sourceMac, - const MAC& destMac, - uint16_t frameLength, - const uint8_t* frameData, - uint16_t etherType, - uint16_t vlanId, - bool noTee, - bool inbound, - int accept) + const CallContext &cc, const uint32_t codeLocation, uint64_t networkId, const uint8_t primaryRuleSetLog[512], + const uint8_t matchingCapabilityRuleSetLog[512], uint32_t matchingCapabilityId, + int64_t matchingCapabilityTimestamp, const Address &source, const Address &dest, const MAC &sourceMac, + const MAC &destMac, uint16_t frameLength, const uint8_t *frameData, uint16_t etherType, uint16_t vlanId, + bool noTee, bool inbound, int accept) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL2_FILTER) != 0)) { m_networkFilter( - cc.tPtr, - codeLocation, - networkId, - primaryRuleSetLog, - matchingCapabilityRuleSetLog, - matchingCapabilityId, - matchingCapabilityTimestamp, - source, - dest, - sourceMac, - destMac, - frameLength, - frameData, - etherType, - vlanId, - noTee, - inbound, - accept); + cc.tPtr, codeLocation, networkId, primaryRuleSetLog, matchingCapabilityRuleSetLog, matchingCapabilityId, + matchingCapabilityTimestamp, source, dest, sourceMac, destMac, frameLength, frameData, etherType, + vlanId, noTee, inbound, accept); } } - ZT_INLINE void - credentialRejected(const CallContext& cc, const uint32_t codeLocation, uint64_t networkId, const Identity& identity, uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason) + ZT_INLINE void credentialRejected( + const CallContext &cc, const uint32_t codeLocation, uint64_t networkId, const Identity &identity, + uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, + ZT_TraceCredentialRejectionReason reason) { if (unlikely((m_traceFlags & ZT_TRACE_F_VL2) != 0)) - m_credentialRejected(cc.tPtr, codeLocation, networkId, identity, credentialId, credentialTimestamp, credentialType, reason); + m_credentialRejected( + cc.tPtr, codeLocation, networkId, identity, credentialId, credentialTimestamp, credentialType, reason); } private: - void m_resettingPathsInScope(void* tPtr, uint32_t codeLocation, const Identity& reporter, const InetAddress& from, const InetAddress& oldExternal, const InetAddress& newExternal, InetAddress::IpScope scope); + void m_resettingPathsInScope( + void *tPtr, uint32_t codeLocation, const Identity &reporter, const InetAddress &from, + const InetAddress &oldExternal, const InetAddress &newExternal, InetAddress::IpScope scope); void m_tryingNewPath( - void* tPtr, - uint32_t codeLocation, - const Identity& trying, - const InetAddress& physicalAddress, - const InetAddress& triggerAddress, - uint64_t triggeringPacketId, - uint8_t triggeringPacketVerb, - const Identity& triggeringPeer); + void *tPtr, uint32_t codeLocation, const Identity &trying, const InetAddress &physicalAddress, + const InetAddress &triggerAddress, uint64_t triggeringPacketId, uint8_t triggeringPacketVerb, + const Identity &triggeringPeer); - void m_learnedNewPath(void* tPtr, uint32_t codeLocation, uint64_t packetId, const Identity& peerIdentity, const InetAddress& physicalAddress, const InetAddress& replaced); + void m_learnedNewPath( + void *tPtr, uint32_t codeLocation, uint64_t packetId, const Identity &peerIdentity, + const InetAddress &physicalAddress, const InetAddress &replaced); - void m_incomingPacketDropped(void* tPtr, uint32_t codeLocation, uint64_t packetId, uint64_t networkId, const Identity& peerIdentity, const InetAddress& physicalAddress, uint8_t hops, uint8_t verb, ZT_TracePacketDropReason reason); + void m_incomingPacketDropped( + void *tPtr, uint32_t codeLocation, uint64_t packetId, uint64_t networkId, const Identity &peerIdentity, + const InetAddress &physicalAddress, uint8_t hops, uint8_t verb, ZT_TracePacketDropReason reason); - void m_outgoingNetworkFrameDropped(void* tPtr, uint32_t codeLocation, uint64_t networkId, const MAC& sourceMac, const MAC& destMac, uint16_t etherType, uint16_t frameLength, const uint8_t* frameData, ZT_TraceFrameDropReason reason); + void m_outgoingNetworkFrameDropped( + void *tPtr, uint32_t codeLocation, uint64_t networkId, const MAC &sourceMac, const MAC &destMac, + uint16_t etherType, uint16_t frameLength, const uint8_t *frameData, ZT_TraceFrameDropReason reason); void m_incomingNetworkFrameDropped( - void* tPtr, - uint32_t codeLocation, - uint64_t networkId, - const MAC& sourceMac, - const MAC& destMac, - const uint16_t etherType, - const Identity& peerIdentity, - const InetAddress& physicalAddress, - uint8_t hops, - uint16_t frameLength, - const uint8_t* frameData, - uint8_t verb, - bool credentialRequestSent, + void *tPtr, uint32_t codeLocation, uint64_t networkId, const MAC &sourceMac, const MAC &destMac, + const uint16_t etherType, const Identity &peerIdentity, const InetAddress &physicalAddress, uint8_t hops, + uint16_t frameLength, const uint8_t *frameData, uint8_t verb, bool credentialRequestSent, ZT_TraceFrameDropReason reason); - void m_networkConfigRequestSent(void* tPtr, uint32_t codeLocation, uint64_t networkId); + void m_networkConfigRequestSent(void *tPtr, uint32_t codeLocation, uint64_t networkId); void m_networkFilter( - void* tPtr, - uint32_t codeLocation, - uint64_t networkId, - const uint8_t* primaryRuleSetLog, - const uint8_t* matchingCapabilityRuleSetLog, - uint32_t matchingCapabilityId, - int64_t matchingCapabilityTimestamp, - const Address& source, - const Address& dest, - const MAC& sourceMac, - const MAC& destMac, - uint16_t frameLength, - const uint8_t* frameData, - uint16_t etherType, - uint16_t vlanId, - bool noTee, - bool inbound, - int accept); + void *tPtr, uint32_t codeLocation, uint64_t networkId, const uint8_t *primaryRuleSetLog, + const uint8_t *matchingCapabilityRuleSetLog, uint32_t matchingCapabilityId, int64_t matchingCapabilityTimestamp, + const Address &source, const Address &dest, const MAC &sourceMac, const MAC &destMac, uint16_t frameLength, + const uint8_t *frameData, uint16_t etherType, uint16_t vlanId, bool noTee, bool inbound, int accept); - void m_credentialRejected(void* tPtr, uint32_t codeLocation, uint64_t networkId, const Identity& identity, uint32_t credentialId, int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason); + void m_credentialRejected( + void *tPtr, uint32_t codeLocation, uint64_t networkId, const Identity &identity, uint32_t credentialId, + int64_t credentialTimestamp, uint8_t credentialType, ZT_TraceCredentialRejectionReason reason); - const Context& m_ctx; + const Context &m_ctx; volatile unsigned int m_traceFlags; // faster than atomic, but may not "instantly" change... should be okay }; diff --git a/core/TriviallyCopyable.hpp b/core/TriviallyCopyable.hpp index ca6370aa2..72942d9bd 100644 --- a/core/TriviallyCopyable.hpp +++ b/core/TriviallyCopyable.hpp @@ -32,7 +32,7 @@ struct TriviallyCopyable { * @tparam T Automatically inferred type of object * @param obj Any TriviallyCopyable object */ - template static ZT_INLINE void memoryZero(T* obj) noexcept + template static ZT_INLINE void memoryZero(T *obj) noexcept { mustBeTriviallyCopyable(obj); Utils::zero(obj); @@ -44,19 +44,15 @@ struct TriviallyCopyable { * @tparam T Automatically inferred type of object * @param obj Any TriviallyCopyable object */ - template static ZT_INLINE void memoryZero(T& obj) noexcept + template static ZT_INLINE void memoryZero(T &obj) noexcept { mustBeTriviallyCopyable(obj); Utils::zero(&obj); } private: - static ZT_INLINE void mustBeTriviallyCopyable(const TriviallyCopyable&) noexcept - { - } - static ZT_INLINE void mustBeTriviallyCopyable(const TriviallyCopyable*) noexcept - { - } + static ZT_INLINE void mustBeTriviallyCopyable(const TriviallyCopyable &) noexcept {} + static ZT_INLINE void mustBeTriviallyCopyable(const TriviallyCopyable *) noexcept {} }; } // namespace ZeroTier diff --git a/core/TrustStore.cpp b/core/TrustStore.cpp index 34b199a8e..33799d8f4 100644 --- a/core/TrustStore.cpp +++ b/core/TrustStore.cpp @@ -17,41 +17,41 @@ namespace ZeroTier { -TrustStore::TrustStore() -{ -} +TrustStore::TrustStore() {} -TrustStore::~TrustStore() -{ -} +TrustStore::~TrustStore() {} -SharedPtr TrustStore::get(const H384& serial) const +SharedPtr TrustStore::get(const H384 &serial) const { RWMutex::RLock l(m_lock); - Map >::const_iterator c(m_bySerial.find(serial)); + Map>::const_iterator c(m_bySerial.find(serial)); return (c != m_bySerial.end()) ? c->second : SharedPtr(); } -Map > TrustStore::roots() +Map> TrustStore::roots() { RWMutex::RLock l(m_lock); - Map > r; + Map> r; // Iterate using m_bySubjectIdentity to only scan certificates with subject identities. // This map also does not contian error or deprecated certificates. - for (Map > >::const_iterator cv(m_bySubjectIdentity.begin()); cv != m_bySubjectIdentity.end(); ++cv) { - for (Vector >::const_iterator c(cv->second.begin()); c != cv->second.end(); ++c) { + for (Map>>::const_iterator cv(m_bySubjectIdentity.begin()); + cv != m_bySubjectIdentity.end(); ++cv) { + for (Vector>::const_iterator c(cv->second.begin()); c != cv->second.end(); ++c) { // A root set cert must be marked for this use and authorized to influence this node's config. - if ((((*c)->m_certificate.usageFlags & ZT_CERTIFICATE_USAGE_ZEROTIER_ROOT_SET) != 0) && (((*c)->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_CONFIG) != 0)) { + if ((((*c)->m_certificate.usageFlags & ZT_CERTIFICATE_USAGE_ZEROTIER_ROOT_SET) != 0) + && (((*c)->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_CONFIG) != 0)) { // Add all identities to the root set, and for each entry in the set make sure we have the latest // locator if there's more than one cert with one. for (unsigned int j = 0; j < (*c)->certificate().subject.identityCount; ++j) { - const Identity* const id = reinterpret_cast((*c)->certificate().subject.identities[j].identity); + const Identity *const id = + reinterpret_cast((*c)->certificate().subject.identities[j].identity); if ((id) && (*id)) { // sanity check - SharedPtr& existingLoc = r[*id]; - const Locator* const loc = reinterpret_cast((*c)->certificate().subject.identities[j].locator); + SharedPtr &existingLoc = r[*id]; + const Locator *const loc = + reinterpret_cast((*c)->certificate().subject.identities[j].locator); if (loc) { - if ((! existingLoc) || (existingLoc->revision() < loc->revision())) + if ((!existingLoc) || (existingLoc->revision() < loc->revision())) existingLoc.set(new Locator(*loc)); } } @@ -62,43 +62,43 @@ Map > TrustStore::roots() return r; } -Vector > TrustStore::all(const bool includeRejectedCertificates) const +Vector> TrustStore::all(const bool includeRejectedCertificates) const { RWMutex::RLock l(m_lock); - Vector > r; + Vector> r; r.reserve(m_bySerial.size()); - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { if ((includeRejectedCertificates) || (c->second->error() == ZT_CERTIFICATE_ERROR_NONE)) r.push_back(c->second); } return r; } -void TrustStore::add(const Certificate& cert, const unsigned int localTrust) +void TrustStore::add(const Certificate &cert, const unsigned int localTrust) { RWMutex::Lock l(m_lock); m_addQueue.push_front(SharedPtr(new Entry(this->m_lock, cert, localTrust))); } -void TrustStore::erase(const H384& serial) +void TrustStore::erase(const H384 &serial) { RWMutex::Lock l(m_lock); m_deleteQueue.push_front(serial); } -bool TrustStore::update(const int64_t clock, Vector >* const purge) +bool TrustStore::update(const int64_t clock, Vector> *const purge) { RWMutex::Lock l(m_lock); // Check for certificate time validity status changes. If any of these occur then // full re-validation is required. bool errorStateModified = false; - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { const bool timeValid = c->second->m_certificate.verifyTimeWindow(clock); switch (c->second->m_error) { case ZT_CERTIFICATE_ERROR_NONE: case ZT_CERTIFICATE_ERROR_INVALID_CHAIN: - if (! timeValid) { + if (!timeValid) { c->second->m_error = ZT_CERTIFICATE_ERROR_OUT_OF_VALID_TIME_WINDOW; errorStateModified = true; } @@ -109,46 +109,45 @@ bool TrustStore::update(const int64_t clock, Vector >* const pu errorStateModified = true; } break; - default: - break; + default: break; } } // If there were not any such changes and if the add and delete queues are empty, // there is nothing more to be done. - if ((! errorStateModified) && (m_addQueue.empty()) && (m_deleteQueue.empty())) + if ((!errorStateModified) && (m_addQueue.empty()) && (m_deleteQueue.empty())) return false; // Add new certificates to m_bySerial, which is the master certificate set. They still // have yet to have their full certificate chains validated. Full signature checking is // performed here. - while (! m_addQueue.empty()) { - SharedPtr& qi = m_addQueue.front(); - qi->m_error = qi->m_certificate.verify(clock, true); + while (!m_addQueue.empty()) { + SharedPtr &qi = m_addQueue.front(); + qi->m_error = qi->m_certificate.verify(clock, true); m_bySerial[H384(qi->m_certificate.serialNo)].move(qi); m_addQueue.pop_front(); } // Delete any certificates enqueued to be deleted. - while (! m_deleteQueue.empty()) { + while (!m_deleteQueue.empty()) { m_bySerial.erase(m_deleteQueue.front()); m_deleteQueue.pop_front(); } // Reset flags for deprecation and a cert being on a trust path, which are // recomputed when chain and subjects are checked below. - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { if (c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) { c->second->m_subjectDeprecated = false; - c->second->m_onTrustPath = false; + c->second->m_onTrustPath = false; } } // Validate certificate trust paths. { - Vector visited; + Vector visited; visited.reserve(8); - for (Map >::iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { + for (Map>::iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { if (c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) { if (c->second->m_certificate.isSelfSigned()) { // If this is a self-signed certificate it's only valid if it's trusted as a CA. @@ -157,34 +156,44 @@ bool TrustStore::update(const int64_t clock, Vector >* const pu } } else { - if ((! c->second->m_onTrustPath) && ((c->second->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_ROOT_CA) == 0)) { + if ((!c->second->m_onTrustPath) + && ((c->second->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_ROOT_CA) == 0)) { // Trace the path of each certificate all the way back to a trusted CA. unsigned int pathLength = 0; - Map >::const_iterator current(c); + Map>::const_iterator current(c); visited.clear(); for (;;) { if (pathLength <= current->second->m_certificate.maxPathLength) { - // Check if this cert isn't a CA or already part of a valid trust path. If so then step upward - // toward CA. - if (((current->second->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_ROOT_CA) == 0) && (! current->second->m_onTrustPath)) { - // If the issuer (parent) certificiate is (1) valid, (2) not already visited (to prevent - // loops), and (3) has a public key that matches this cert's issuer public key (sanity - // check), proceed up the certificate graph toward a potential CA. + // Check if this cert isn't a CA or already part of a valid trust path. If so then step + // upward toward CA. + if (((current->second->m_localTrust & ZT_CERTIFICATE_LOCAL_TRUST_FLAG_ROOT_CA) == 0) + && (!current->second->m_onTrustPath)) { + // If the issuer (parent) certificiate is (1) valid, (2) not already visited (to + // prevent loops), and (3) has a public key that matches this cert's issuer public + // key (sanity check), proceed up the certificate graph toward a potential CA. visited.push_back(current->second.ptr()); - const Map >::const_iterator prevChild(current); + const Map>::const_iterator prevChild(current); current = m_bySerial.find(H384(current->second->m_certificate.issuer)); - if ((current != m_bySerial.end()) && (std::find(visited.begin(), visited.end(), current->second.ptr()) == visited.end()) && (current->second->m_error == ZT_CERTIFICATE_ERROR_NONE) - && (current->second->m_certificate.publicKeySize == prevChild->second->m_certificate.issuerPublicKeySize) - && (memcmp(current->second->m_certificate.publicKey, prevChild->second->m_certificate.issuerPublicKey, current->second->m_certificate.publicKeySize) == 0)) { + if ((current != m_bySerial.end()) + && (std::find(visited.begin(), visited.end(), current->second.ptr()) + == visited.end()) + && (current->second->m_error == ZT_CERTIFICATE_ERROR_NONE) + && (current->second->m_certificate.publicKeySize + == prevChild->second->m_certificate.issuerPublicKeySize) + && (memcmp( + current->second->m_certificate.publicKey, + prevChild->second->m_certificate.issuerPublicKey, + current->second->m_certificate.publicKeySize) + == 0)) { ++pathLength; continue; } } else { - // If we've traced this to a root CA, flag its parents as also being on a trust path. Then - // break the loop without setting an error. We don't flag the current cert as being on a - // trust path since no other certificates depend on it. - for (Vector::const_iterator v(visited.begin()); v != visited.end(); ++v) { + // If we've traced this to a root CA, flag its parents as also being on a trust + // path. Then break the loop without setting an error. We don't flag the current + // cert as being on a trust path since no other certificates depend on it. + for (Vector::const_iterator v(visited.begin()); v != visited.end(); ++v) { if (*v != c->second.ptr()) (*v)->m_onTrustPath = true; } @@ -207,25 +216,29 @@ bool TrustStore::update(const int64_t clock, Vector >* const pu // certificates for the same subject as deprecated. A deprecated certificate is not invalid // but will be purged if it is also not part of a trust path. Error certificates are ignored. m_bySubjectUniqueId.clear(); - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end();) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end();) { if (c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) { const unsigned int uniqueIdSize = c->second->m_certificate.subject.uniqueIdSize; if ((uniqueIdSize > 0) && (uniqueIdSize <= ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE)) { - SharedPtr& entry = m_bySubjectUniqueId[Blob(c->second->m_certificate.subject.uniqueId, uniqueIdSize)]; + SharedPtr &entry = m_bySubjectUniqueId[Blob( + c->second->m_certificate.subject.uniqueId, uniqueIdSize)]; if (entry) { // If there's already an entry, see if there's a newer certificate for this subject. if (c->second->m_certificate.subject.timestamp > entry->m_certificate.subject.timestamp) { entry->m_subjectDeprecated = true; - entry = c->second; + entry = c->second; } else if (c->second->m_certificate.subject.timestamp < entry->m_certificate.subject.timestamp) { c->second->m_subjectDeprecated = true; } else { // Equal timestamps should never happen, but handle it anyway by comparing serials. - if (memcmp(c->second->m_certificate.serialNo, entry->m_certificate.serialNo, ZT_CERTIFICATE_HASH_SIZE) > 0) { + if (memcmp( + c->second->m_certificate.serialNo, entry->m_certificate.serialNo, + ZT_CERTIFICATE_HASH_SIZE) + > 0) { entry->m_subjectDeprecated = true; - entry = c->second; + entry = c->second; } else { c->second->m_subjectDeprecated = true; @@ -242,10 +255,11 @@ bool TrustStore::update(const int64_t clock, Vector >* const pu // Populate mapping of identities to certificates whose subjects reference them, ignoring // error or deprecated certificates. m_bySubjectIdentity.clear(); - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { - if ((c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) && (! c->second->m_subjectDeprecated)) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { + if ((c->second->m_error == ZT_CERTIFICATE_ERROR_NONE) && (!c->second->m_subjectDeprecated)) { for (unsigned int i = 0; i < c->second->m_certificate.subject.identityCount; ++i) { - const Identity* const id = reinterpret_cast(c->second->m_certificate.subject.identities[i].identity); + const Identity *const id = + reinterpret_cast(c->second->m_certificate.subject.identities[i].identity); if ((id) && (*id)) // sanity check m_bySubjectIdentity[id->fingerprint()].push_back(c->second); } @@ -254,8 +268,9 @@ bool TrustStore::update(const int64_t clock, Vector >* const pu // If purge is set, erase and return error and deprecated certs (that are not on a trust path). if (purge) { - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end();) { - if ((c->second->error() != ZT_CERTIFICATE_ERROR_NONE) || ((c->second->m_subjectDeprecated) && (! c->second->m_onTrustPath))) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end();) { + if ((c->second->error() != ZT_CERTIFICATE_ERROR_NONE) + || ((c->second->m_subjectDeprecated) && (!c->second->m_onTrustPath))) { purge->push_back(c->second); m_bySerial.erase(c++); } @@ -283,7 +298,7 @@ Vector TrustStore::save() const b.push_back(0); // tuples terminated by a 0 size. - for (Map >::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { + for (Map>::const_iterator c(m_bySerial.begin()); c != m_bySerial.end(); ++c) { const Vector cdata(c->second->certificate().encode()); const unsigned long size = (uint32_t)cdata.size(); if ((size > 0) && (size <= 0xffff)) { @@ -299,7 +314,9 @@ Vector TrustStore::save() const b.push_back(0); comp.resize((unsigned long)LZ4_COMPRESSBOUND(b.size()) + 8); - compSize = LZ4_compress_fast(reinterpret_cast(b.data()), reinterpret_cast(comp.data() + 8), (int)b.size(), (int)(comp.size() - 8)); + compSize = LZ4_compress_fast( + reinterpret_cast(b.data()), reinterpret_cast(comp.data() + 8), (int)b.size(), + (int)(comp.size() - 8)); if (unlikely(compSize <= 0)) // shouldn't be possible return Vector(); @@ -315,7 +332,7 @@ Vector TrustStore::save() const return comp; } -int TrustStore::load(const Vector& data) +int TrustStore::load(const Vector &data) { if (data.size() < 8) return -1; @@ -327,12 +344,15 @@ int TrustStore::load(const Vector& data) Vector uncomp; uncomp.resize(uncompSize); - if (LZ4_decompress_safe(reinterpret_cast(data.data() + 8), reinterpret_cast(uncomp.data()), (int)(data.size() - 8), (int)uncompSize) != (int)uncompSize) + if (LZ4_decompress_safe( + reinterpret_cast(data.data() + 8), reinterpret_cast(uncomp.data()), + (int)(data.size() - 8), (int)uncompSize) + != (int)uncompSize) return -1; - const uint8_t* b = uncomp.data(); + const uint8_t *b = uncomp.data(); if (Utils::fnv1a32(b, (unsigned int)uncompSize) != Utils::loadBigEndian(data.data() + 4)) return -1; - const uint8_t* const eof = b + uncompSize; + const uint8_t *const eof = b + uncompSize; if (*(b++) != 0) // unrecognized version return -1; diff --git a/core/TrustStore.hpp b/core/TrustStore.hpp index abe0ffc9b..61636f7fc 100644 --- a/core/TrustStore.hpp +++ b/core/TrustStore.hpp @@ -57,10 +57,7 @@ class TrustStore { /** * @return Reference to held certificate */ - ZT_INLINE const Certificate& certificate() const noexcept - { - return m_certificate; - } + ZT_INLINE const Certificate &certificate() const noexcept { return m_certificate; } /** * Get the local trust for this certificate @@ -98,12 +95,9 @@ class TrustStore { } private: - Entry& operator=(const Entry&) - { - return *this; - } + Entry &operator=(const Entry &) { return *this; } - ZT_INLINE Entry(RWMutex& l, const Certificate& cert, const unsigned int lt) noexcept + ZT_INLINE Entry(RWMutex &l, const Certificate &cert, const unsigned int lt) noexcept : __refCount(0) , m_lock(l) , m_certificate(cert) @@ -116,7 +110,7 @@ class TrustStore { std::atomic __refCount; - RWMutex& m_lock; + RWMutex &m_lock; const Certificate m_certificate; unsigned int m_localTrust; ZT_CertificateError m_error; @@ -137,7 +131,7 @@ class TrustStore { * @param serial SHA384 hash of certificate * @return Entry or empty/nil if not found */ - SharedPtr get(const H384& serial) const; + SharedPtr get(const H384 &serial) const; /** * Get roots specified by root set certificates in the local store. @@ -148,13 +142,13 @@ class TrustStore { * * @return Roots and the latest locator specified for each (if any) */ - Map > roots(); + Map> roots(); /** * @param includeRejectedCertificates If true, also include certificates with error codes * @return All certificates in asecending sort order by serial */ - Vector > all(bool includeRejectedCertificates) const; + Vector> all(bool includeRejectedCertificates) const; /** * Add a certificate @@ -168,7 +162,7 @@ class TrustStore { * * @param cert Certificate to add */ - void add(const Certificate& cert, unsigned int localTrust); + void add(const Certificate &cert, unsigned int localTrust); /** * Queue a certificate to be deleted @@ -177,7 +171,7 @@ class TrustStore { * * @param serial Serial of certificate to delete */ - void erase(const H384& serial); + void erase(const H384 &serial); /** * Validate all certificates and their certificate chains @@ -188,7 +182,7 @@ class TrustStore { * @param purge If non-NULL, purge rejected certificates and return them in this vector (vector should be empty) * @return True if there were changes */ - bool update(int64_t clock, Vector >* purge); + bool update(int64_t clock, Vector> *purge); /** * Create a compressed binary version of certificates and their local trust @@ -206,13 +200,14 @@ class TrustStore { * @param data Data to decode * @return Number of certificates or -1 if input is invalid */ - int load(const Vector& data); + int load(const Vector &data); private: - Map > m_bySerial; // all certificates - Map, SharedPtr > m_bySubjectUniqueId; // non-rejected certificates only - Map > > m_bySubjectIdentity; // non-rejected certificates only - ForwardList > m_addQueue; + Map> m_bySerial; // all certificates + Map, SharedPtr> + m_bySubjectUniqueId; // non-rejected certificates only + Map>> m_bySubjectIdentity; // non-rejected certificates only + ForwardList> m_addQueue; ForwardList m_deleteQueue; RWMutex m_lock; }; diff --git a/core/Utils.cpp b/core/Utils.cpp index 29f7d8d37..fe709f878 100644 --- a/core/Utils.cpp +++ b/core/Utils.cpp @@ -76,32 +76,32 @@ ARMCapabilities::ARMCapabilities() noexcept { #ifdef __APPLE__ - this->aes = true; + this->aes = true; this->crc32 = true; this->pmull = true; - this->sha1 = true; - this->sha2 = true; + this->sha1 = true; + this->sha2 = true; #else #ifdef __LINUX__ #ifdef HWCAP2_AES - if (sizeof(void*) == 4) { + if (sizeof(void *) == 4) { const long hwcaps2 = getauxval(AT_HWCAP2); - this->aes = (hwcaps2 & HWCAP2_AES) != 0; - this->crc32 = (hwcaps2 & HWCAP2_CRC32) != 0; - this->pmull = (hwcaps2 & HWCAP2_PMULL) != 0; - this->sha1 = (hwcaps2 & HWCAP2_SHA1) != 0; - this->sha2 = (hwcaps2 & HWCAP2_SHA2) != 0; + this->aes = (hwcaps2 & HWCAP2_AES) != 0; + this->crc32 = (hwcaps2 & HWCAP2_CRC32) != 0; + this->pmull = (hwcaps2 & HWCAP2_PMULL) != 0; + this->sha1 = (hwcaps2 & HWCAP2_SHA1) != 0; + this->sha2 = (hwcaps2 & HWCAP2_SHA2) != 0; } else { #endif const long hwcaps = getauxval(AT_HWCAP); - this->aes = (hwcaps & HWCAP_AES) != 0; - this->crc32 = (hwcaps & HWCAP_CRC32) != 0; - this->pmull = (hwcaps & HWCAP_PMULL) != 0; - this->sha1 = (hwcaps & HWCAP_SHA1) != 0; - this->sha2 = (hwcaps & HWCAP_SHA2) != 0; + this->aes = (hwcaps & HWCAP_AES) != 0; + this->crc32 = (hwcaps & HWCAP_CRC32) != 0; + this->pmull = (hwcaps & HWCAP_PMULL) != 0; + this->sha1 = (hwcaps & HWCAP_SHA1) != 0; + this->sha2 = (hwcaps & HWCAP_SHA2) != 0; #ifdef HWCAP2_AES } #endif @@ -130,8 +130,8 @@ CPUIDRegisters::CPUIDRegisters() noexcept #endif rdrand = ((ecx & (1U << 30U)) != 0); - aes = (((ecx & (1U << 25U)) != 0) && ((ecx & (1U << 19U)) != 0) && ((ecx & (1U << 1U)) != 0)); - avx = ((ecx & (1U << 25U)) != 0); + aes = (((ecx & (1U << 25U)) != 0) && ((ecx & (1U << 19U)) != 0) && ((ecx & (1U << 1U)) != 0)); + avx = ((ecx & (1U << 25U)) != 0); #ifdef __WINDOWS__ __cpuid(regs, 7); @@ -143,12 +143,12 @@ CPUIDRegisters::CPUIDRegisters() noexcept __asm__ __volatile__("cpuid" : "=a"(eax), "=b"(ebx), "=c"(ecx), "=d"(edx) : "a"(7), "c"(0)); #endif - vaes = aes && avx && ((ecx & (1U << 9U)) != 0); + vaes = aes && avx && ((ecx & (1U << 9U)) != 0); vpclmulqdq = aes && avx && ((ecx & (1U << 10U)) != 0); - avx2 = avx && ((ebx & (1U << 5U)) != 0); - avx512f = avx && ((ebx & (1U << 16U)) != 0); - sha = ((ebx & (1U << 29U)) != 0); - fsrm = ((edx & (1U << 4U)) != 0); + avx2 = avx && ((ebx & (1U << 5U)) != 0); + avx512f = avx && ((ebx & (1U << 16U)) != 0); + sha = ((ebx & (1U << 29U)) != 0); + fsrm = ((edx & (1U << 4U)) != 0); } const CPUIDRegisters CPUID; @@ -157,27 +157,27 @@ const CPUIDRegisters CPUID; const std::bad_alloc BadAllocException; const std::out_of_range OutOfRangeException("access out of range"); const uint64_t ZERO256[4] = { 0, 0, 0, 0 }; -const char HEXCHARS[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; +const char HEXCHARS[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; const uint64_t s_mapNonce = getSecureRandomU64(); -bool secureEq(const void* const a, const void* const b, const unsigned int len) noexcept +bool secureEq(const void *const a, const void *const b, const unsigned int len) noexcept { uint8_t diff = 0; for (unsigned int i = 0; i < len; ++i) - diff |= ((reinterpret_cast(a))[i] ^ (reinterpret_cast(b))[i]); + diff |= ((reinterpret_cast(a))[i] ^ (reinterpret_cast(b))[i]); return (diff == 0); } -void burn(volatile void* const ptr, const unsigned int len) +void burn(volatile void *const ptr, const unsigned int len) { static volatile uintptr_t foo = 0; - Utils::zero((void*)ptr, len); + Utils::zero((void *)ptr, len); // Force compiler not to optimize this function out by taking a volatile // parameter and also updating a volatile variable. - foo += (uintptr_t)len ^ (uintptr_t) reinterpret_cast(ptr)[0]; + foo += (uintptr_t)len ^ (uintptr_t) reinterpret_cast(ptr)[0]; } -static unsigned long s_decimalRecursive(unsigned long n, char* s) +static unsigned long s_decimalRecursive(unsigned long n, char *s) { if (n == 0) return 0; @@ -188,7 +188,7 @@ static unsigned long s_decimalRecursive(unsigned long n, char* s) return pos + 1; } -char* decimal(unsigned long n, char s[24]) noexcept +char *decimal(unsigned long n, char s[24]) noexcept { if (n == 0) { s[0] = '0'; @@ -199,17 +199,17 @@ char* decimal(unsigned long n, char s[24]) noexcept return s; } -char* hex(uint64_t i, char buf[17]) noexcept +char *hex(uint64_t i, char buf[17]) noexcept { if (i != 0) { - char* p = nullptr; + char *p = nullptr; for (int b = 60; b >= 0; b -= 4) { const unsigned int nyb = (unsigned int)(i >> (unsigned int)b) & 0xfU; if (p) { *(p++) = HEXCHARS[nyb]; } else if (nyb != 0) { - p = buf; + p = buf; *(p++) = HEXCHARS[nyb]; } } @@ -223,14 +223,14 @@ char* hex(uint64_t i, char buf[17]) noexcept } } -uint64_t unhex(const char* s) noexcept +uint64_t unhex(const char *s) noexcept { uint64_t n = 0; if (s) { int k = 0; while (k < 16) { char hc = *(s++); - if (! hc) + if (!hc) break; uint8_t c = 0; @@ -249,27 +249,27 @@ uint64_t unhex(const char* s) noexcept return n; } -char* hex(const void* d, unsigned int l, char* s) noexcept +char *hex(const void *d, unsigned int l, char *s) noexcept { - char* const save = s; + char *const save = s; for (unsigned int i = 0; i < l; ++i) { - const unsigned int b = reinterpret_cast(d)[i]; - *(s++) = HEXCHARS[b >> 4U]; - *(s++) = HEXCHARS[b & 0xfU]; + const unsigned int b = reinterpret_cast(d)[i]; + *(s++) = HEXCHARS[b >> 4U]; + *(s++) = HEXCHARS[b & 0xfU]; } *s = (char)0; return save; } -unsigned int unhex(const char* h, unsigned int hlen, void* buf, unsigned int buflen) noexcept +unsigned int unhex(const char *h, unsigned int hlen, void *buf, unsigned int buflen) noexcept { - unsigned int l = 0; - const char* hend = h + hlen; + unsigned int l = 0; + const char *hend = h + hlen; while (l < buflen) { if (h == hend) break; - uint8_t hc = *(reinterpret_cast(h++)); - if (! hc) + uint8_t hc = *(reinterpret_cast(h++)); + if (!hc) break; uint8_t c = 0; @@ -282,8 +282,8 @@ unsigned int unhex(const char* h, unsigned int hlen, void* buf, unsigned int buf if (h == hend) break; - hc = *(reinterpret_cast(h++)); - if (! hc) + hc = *(reinterpret_cast(h++)); + if (!hc) break; c <<= 4U; @@ -294,7 +294,7 @@ unsigned int unhex(const char* h, unsigned int hlen, void* buf, unsigned int buf else if ((hc >= 65) && (hc <= 70)) c |= hc - 55; - reinterpret_cast(buf)[l++] = c; + reinterpret_cast(buf)[l++] = c; } return l; } @@ -302,7 +302,7 @@ unsigned int unhex(const char* h, unsigned int hlen, void* buf, unsigned int buf #define ZT_GETSECURERANDOM_STATE_SIZE 64 #define ZT_GETSECURERANDOM_ITERATIONS_PER_GENERATOR 1048576 -void getSecureRandom(void* const buf, unsigned int bytes) noexcept +void getSecureRandom(void *const buf, unsigned int bytes) noexcept { static Mutex globalLock; static bool initialized = false; @@ -320,16 +320,16 @@ void getSecureRandom(void* const buf, unsigned int bytes) noexcept if (unlikely(randomByteCounter >= ZT_GETSECURERANDOM_ITERATIONS_PER_GENERATOR)) { randomByteCounter = 0; - if (unlikely(! initialized)) { + if (unlikely(!initialized)) { initialized = true; Utils::zero(randomState); #ifdef __WINDOWS__ HCRYPTPROV cryptProvider = NULL; - if (! CryptAcquireContextA(&cryptProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { + if (!CryptAcquireContextA(&cryptProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { fprintf(stderr, "FATAL: Utils::getSecureRandom() unable to obtain WinCrypt context!\r\n"); exit(1); } - if (! CryptGenRandom(cryptProvider, (DWORD)sizeof(randomState), (BYTE*)randomState)) { + if (!CryptGenRandom(cryptProvider, (DWORD)sizeof(randomState), (BYTE *)randomState)) { fprintf(stderr, "FATAL: Utils::getSecureRandom() CryptGenRandom failed!\r\n"); exit(1); } @@ -355,7 +355,7 @@ void getSecureRandom(void* const buf, unsigned int bytes) noexcept if (CPUID.rdrand) { uint64_t tmp = 0; for (unsigned long i = 0; i < ZT_GETSECURERANDOM_STATE_SIZE; ++i) { - _rdrand64_step((unsigned long long*)&tmp); + _rdrand64_step((unsigned long long *)&tmp); randomState[i] ^= tmp; } } @@ -373,8 +373,8 @@ void getSecureRandom(void* const buf, unsigned int bytes) noexcept // Generate random bytes using AES and bytes 32-48 of randomState as an in-place // AES-CTR counter. Counter can be machine endian; we don't care about portability // for a random generator. - uint64_t* const ctr = randomState + 4; - uint8_t* out = reinterpret_cast(buf); + uint64_t *const ctr = randomState + 4; + uint8_t *out = reinterpret_cast(buf); while (bytes >= 16) { ++*ctr; @@ -400,7 +400,7 @@ uint64_t getSecureRandomU64() noexcept return tmp; } -int b32e(const uint8_t* data, int length, char* result, int bufSize) noexcept +int b32e(const uint8_t *data, int length, char *result, int bufSize) noexcept { if (length < 0 || length > (1 << 28U)) { result[0] = (char)0; @@ -408,8 +408,8 @@ int b32e(const uint8_t* data, int length, char* result, int bufSize) noexcept } int count = 0; if (length > 0) { - int buffer = data[0]; - int next = 1; + int buffer = data[0]; + int next = 1; int bitsLeft = 8; while (count < bufSize && (bitsLeft > 0 || next < length)) { if (bitsLeft < 5) { @@ -437,12 +437,12 @@ int b32e(const uint8_t* data, int length, char* result, int bufSize) noexcept return -1; } -int b32d(const char* encoded, uint8_t* result, int bufSize) noexcept +int b32d(const char *encoded, uint8_t *result, int bufSize) noexcept { - int buffer = 0; + int buffer = 0; int bitsLeft = 0; - int count = 0; - for (const uint8_t* ptr = (const uint8_t*)encoded; count < bufSize && *ptr; ++ptr) { + int count = 0; + for (const uint8_t *ptr = (const uint8_t *)encoded; count < bufSize && *ptr; ++ptr) { uint8_t ch = *ptr; if (ch == ' ' || ch == '\t' || ch == '\r' || ch == '\n' || ch == '-' || ch == '.') { continue; @@ -489,19 +489,19 @@ uint64_t random() noexcept static volatile uint64_t s_s3 = getSecureRandomU64(); // https://en.wikipedia.org/wiki/Xorshift#xoshiro256** - uint64_t s0 = s_s0; - uint64_t s1 = s_s1; - uint64_t s2 = s_s2; - uint64_t s3 = s_s3; - const uint64_t s1x5 = s1 * 5ULL; + uint64_t s0 = s_s0; + uint64_t s1 = s_s1; + uint64_t s2 = s_s2; + uint64_t s3 = s_s3; + const uint64_t s1x5 = s1 * 5ULL; const uint64_t result = ((s1x5 << 7U) | (s1x5 >> 57U)) * 9ULL; - const uint64_t t = s1 << 17U; + const uint64_t t = s1 << 17U; s2 ^= s0; s3 ^= s1; s1 ^= s2; s0 ^= s3; s2 ^= t; - s3 = ((s3 << 45U) | (s3 >> 19U)); + s3 = ((s3 << 45U) | (s3 >> 19U)); s_s0 = s0; s_s1 = s1; s_s2 = s2; @@ -510,7 +510,7 @@ uint64_t random() noexcept return result; } -bool scopy(char* const dest, const unsigned int len, const char* const src) noexcept +bool scopy(char *const dest, const unsigned int len, const char *const src) noexcept { if (unlikely((len == 0) || (dest == nullptr))) { return false; @@ -532,12 +532,12 @@ bool scopy(char* const dest, const unsigned int len, const char* const src) noex } } -uint32_t fnv1a32(const void* const restrict data, const unsigned int len) noexcept +uint32_t fnv1a32(const void *const restrict data, const unsigned int len) noexcept { - uint32_t h = 0x811c9dc5; + uint32_t h = 0x811c9dc5; const uint32_t p = 0x01000193; for (unsigned int i = 0; i < len; ++i) - h = (h ^ (uint32_t) reinterpret_cast(data)[i]) * p; + h = (h ^ (uint32_t) reinterpret_cast(data)[i]) * p; return h; } diff --git a/core/Utils.hpp b/core/Utils.hpp index b8efaaff6..7f7a9d0fa 100644 --- a/core/Utils.hpp +++ b/core/Utils.hpp @@ -36,9 +36,11 @@ namespace Utils { // Macros to convert endian-ness at compile time for constants. #if __BYTE_ORDER == __LITTLE_ENDIAN #define ZT_CONST_TO_BE_UINT16(x) ((uint16_t)((uint16_t)((uint16_t)(x) << 8U) | (uint16_t)((uint16_t)(x) >> 8U))) -#define ZT_CONST_TO_BE_UINT64(x) \ - ((((uint64_t)(x)&0x00000000000000ffULL) << 56U) | (((uint64_t)(x)&0x000000000000ff00ULL) << 40U) | (((uint64_t)(x)&0x0000000000ff0000ULL) << 24U) | (((uint64_t)(x)&0x00000000ff000000ULL) << 8U) \ - | (((uint64_t)(x)&0x000000ff00000000ULL) >> 8U) | (((uint64_t)(x)&0x0000ff0000000000ULL) >> 24U) | (((uint64_t)(x)&0x00ff000000000000ULL) >> 40U) | (((uint64_t)(x)&0xff00000000000000ULL) >> 56U)) +#define ZT_CONST_TO_BE_UINT64(x) \ + ((((uint64_t)(x)&0x00000000000000ffULL) << 56U) | (((uint64_t)(x)&0x000000000000ff00ULL) << 40U) \ + | (((uint64_t)(x)&0x0000000000ff0000ULL) << 24U) | (((uint64_t)(x)&0x00000000ff000000ULL) << 8U) \ + | (((uint64_t)(x)&0x000000ff00000000ULL) >> 8U) | (((uint64_t)(x)&0x0000ff0000000000ULL) >> 24U) \ + | (((uint64_t)(x)&0x00ff000000000000ULL) >> 40U) | (((uint64_t)(x)&0xff00000000000000ULL) >> 56U)) #else #define ZT_CONST_TO_BE_UINT16(x) ((uint16_t)(x)) #define ZT_CONST_TO_BE_UINT64(x) ((uint64_t)(x)) @@ -91,7 +93,7 @@ extern const uint64_t s_mapNonce; * @param len Length of strings * @return True if strings are equal */ -bool secureEq(const void* a, const void* b, unsigned int len) noexcept; +bool secureEq(const void *a, const void *b, unsigned int len) noexcept; /** * Be absolutely sure to zero memory @@ -102,14 +104,14 @@ bool secureEq(const void* a, const void* b, unsigned int len) noexcept; * @param ptr Memory to zero * @param len Length of memory in bytes */ -void burn(volatile void* ptr, unsigned int len); +void burn(volatile void *ptr, unsigned int len); /** * @param n Number to convert * @param s Buffer, at least 24 bytes in size * @return String containing 'n' in base 10 form */ -char* decimal(unsigned long n, char s[24]) noexcept; +char *decimal(unsigned long n, char s[24]) noexcept; /** * Convert an unsigned integer into hex @@ -118,7 +120,7 @@ char* decimal(unsigned long n, char s[24]) noexcept; * @param s Buffer to receive hex, must be at least (2*sizeof(i))+1 in size or overflow will occur. * @return Pointer to s containing hex string with trailing zero byte */ -char* hex(uint64_t i, char buf[17]) noexcept; +char *hex(uint64_t i, char buf[17]) noexcept; /** * Decode an unsigned integer in hex format @@ -126,7 +128,7 @@ char* hex(uint64_t i, char buf[17]) noexcept; * @param s String to decode, non-hex chars are ignored * @return Unsigned integer */ -uint64_t unhex(const char* s) noexcept; +uint64_t unhex(const char *s) noexcept; /** * Convert a byte array into hex @@ -136,7 +138,7 @@ uint64_t unhex(const char* s) noexcept; * @param s String buffer, must be at least (l*2)+1 in size or overflow will occur * @return Pointer to filled string buffer */ -char* hex(const void* d, unsigned int l, char* s) noexcept; +char *hex(const void *d, unsigned int l, char *s) noexcept; /** * Decode a hex string @@ -147,7 +149,7 @@ char* hex(const void* d, unsigned int l, char* s) noexcept; * @param buflen Length of output buffer * @return Number of written bytes */ -unsigned int unhex(const char* h, unsigned int hlen, void* buf, unsigned int buflen) noexcept; +unsigned int unhex(const char *h, unsigned int hlen, void *buf, unsigned int buflen) noexcept; /** * Generate secure random bytes @@ -158,7 +160,7 @@ unsigned int unhex(const char* h, unsigned int hlen, void* buf, unsigned int buf * @param buf Buffer to fill * @param bytes Number of random bytes to generate */ -void getSecureRandom(void* buf, unsigned int bytes) noexcept; +void getSecureRandom(void *buf, unsigned int bytes) noexcept; /** * @return Secure random 64-bit integer @@ -174,7 +176,7 @@ uint64_t getSecureRandomU64() noexcept; * @param bufSize Size of result buffer * @return Number of bytes written */ -int b32e(const uint8_t* data, int length, char* result, int bufSize) noexcept; +int b32e(const uint8_t *data, int length, char *result, int bufSize) noexcept; /** * Decode base32 string @@ -184,7 +186,7 @@ int b32e(const uint8_t* data, int length, char* result, int bufSize) noexcept; * @param bufSize Size of result buffer * @return Number of bytes written or -1 on error */ -int b32d(const char* encoded, uint8_t* result, int bufSize) noexcept; +int b32d(const char *encoded, uint8_t *result, int bufSize) noexcept; /** * Get a non-cryptographic random integer. @@ -206,15 +208,15 @@ uint64_t random() noexcept; * @param src Source string (if NULL, dest will receive a zero-length string and true is returned) * @return True on success, false on overflow (buffer will still be 0-terminated) */ -bool scopy(char* dest, unsigned int len, const char* src) noexcept; +bool scopy(char *dest, unsigned int len, const char *src) noexcept; /** * Check if a buffer's contents are all zero */ -static ZT_INLINE bool allZero(const void* const b, const unsigned int l) noexcept +static ZT_INLINE bool allZero(const void *const b, const unsigned int l) noexcept { for (unsigned int i = 0; i < l; ++i) { - if (reinterpret_cast(b)[i] != 0) + if (reinterpret_cast(b)[i] != 0) return false; } return true; @@ -228,7 +230,7 @@ static ZT_INLINE bool allZero(const void* const b, const unsigned int l) noexcep * @param saveptr Pointer to pointer where function can save state * @return Next token or NULL if none */ -static ZT_INLINE char* stok(char* str, const char* delim, char** saveptr) noexcept +static ZT_INLINE char *stok(char *str, const char *delim, char **saveptr) noexcept { #ifdef __WINDOWS__ return strtok_s(str, delim, saveptr); @@ -237,12 +239,9 @@ static ZT_INLINE char* stok(char* str, const char* delim, char** saveptr) noexce #endif } -static ZT_INLINE unsigned int strToUInt(const char* s) noexcept -{ - return (unsigned int)strtoul(s, nullptr, 10); -} +static ZT_INLINE unsigned int strToUInt(const char *s) noexcept { return (unsigned int)strtoul(s, nullptr, 10); } -static ZT_INLINE unsigned long long hexStrToU64(const char* s) noexcept +static ZT_INLINE unsigned long long hexStrToU64(const char *s) noexcept { #ifdef __WINDOWS__ return (unsigned long long)_strtoui64(s, nullptr, 16); @@ -300,7 +299,8 @@ static ZT_INLINE uint64_t swapBytes(const uint64_t n) noexcept return (uint64_t)_byteswap_uint64((unsigned __int64)n); #else return ( - ((n & 0x00000000000000ffULL) << 56) | ((n & 0x000000000000ff00ULL) << 40) | ((n & 0x0000000000ff0000ULL) << 24) | ((n & 0x00000000ff000000ULL) << 8) | ((n & 0x000000ff00000000ULL) >> 8) | ((n & 0x0000ff0000000000ULL) >> 24) + ((n & 0x00000000000000ffULL) << 56) | ((n & 0x000000000000ff00ULL) << 40) | ((n & 0x0000000000ff0000ULL) << 24) + | ((n & 0x00000000ff000000ULL) << 8) | ((n & 0x000000ff00000000ULL) >> 8) | ((n & 0x0000ff0000000000ULL) >> 24) | ((n & 0x00ff000000000000ULL) >> 40) | ((n & 0xff00000000000000ULL) >> 56)); #endif #endif @@ -350,49 +350,34 @@ template class _swap_bytes_bysize; template class _swap_bytes_bysize { public: - static ZT_INLINE I s(const I n) noexcept - { - return n; - } + static ZT_INLINE I s(const I n) noexcept { return n; } }; template class _swap_bytes_bysize { public: - static ZT_INLINE I s(const I n) noexcept - { - return (I)swapBytes((uint16_t)n); - } + static ZT_INLINE I s(const I n) noexcept { return (I)swapBytes((uint16_t)n); } }; template class _swap_bytes_bysize { public: - static ZT_INLINE I s(const I n) noexcept - { - return (I)swapBytes((uint32_t)n); - } + static ZT_INLINE I s(const I n) noexcept { return (I)swapBytes((uint32_t)n); } }; template class _swap_bytes_bysize { public: - static ZT_INLINE I s(const I n) noexcept - { - return (I)swapBytes((uint64_t)n); - } + static ZT_INLINE I s(const I n) noexcept { return (I)swapBytes((uint64_t)n); } }; template class _load_be_bysize; template class _load_be_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept - { - return p[0]; - } + static ZT_INLINE I l(const uint8_t *const p) noexcept { return p[0]; } }; template class _load_be_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept + static ZT_INLINE I l(const uint8_t *const p) noexcept { return (I)(((unsigned int)p[0] << 8U) | (unsigned int)p[1]); } @@ -400,7 +385,7 @@ template class _load_be_bysize { template class _load_be_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept + static ZT_INLINE I l(const uint8_t *const p) noexcept { return (I)(((uint32_t)p[0] << 24U) | ((uint32_t)p[1] << 16U) | ((uint32_t)p[2] << 8U) | (uint32_t)p[3]); } @@ -408,9 +393,10 @@ template class _load_be_bysize { template class _load_be_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept + static ZT_INLINE I l(const uint8_t *const p) noexcept { - return (I)(((uint64_t)p[0] << 56U) | ((uint64_t)p[1] << 48U) | ((uint64_t)p[2] << 40U) | ((uint64_t)p[3] << 32U) | ((uint64_t)p[4] << 24U) | ((uint64_t)p[5] << 16U) | ((uint64_t)p[6] << 8U) | (uint64_t)p[7]); + return ( + I)(((uint64_t)p[0] << 56U) | ((uint64_t)p[1] << 48U) | ((uint64_t)p[2] << 40U) | ((uint64_t)p[3] << 32U) | ((uint64_t)p[4] << 24U) | ((uint64_t)p[5] << 16U) | ((uint64_t)p[6] << 8U) | (uint64_t)p[7]); } }; @@ -418,15 +404,12 @@ template class _load_le_bysize; template class _load_le_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept - { - return p[0]; - } + static ZT_INLINE I l(const uint8_t *const p) noexcept { return p[0]; } }; template class _load_le_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept + static ZT_INLINE I l(const uint8_t *const p) noexcept { return (I)((unsigned int)p[0] | ((unsigned int)p[1] << 8U)); } @@ -434,7 +417,7 @@ template class _load_le_bysize { template class _load_le_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept + static ZT_INLINE I l(const uint8_t *const p) noexcept { return (I)((uint32_t)p[0] | ((uint32_t)p[1] << 8U) | ((uint32_t)p[2] << 16U) | ((uint32_t)p[3] << 24U)); } @@ -442,9 +425,10 @@ template class _load_le_bysize { template class _load_le_bysize { public: - static ZT_INLINE I l(const uint8_t* const p) noexcept + static ZT_INLINE I l(const uint8_t *const p) noexcept { - return (I)((uint64_t)p[0] | ((uint64_t)p[1] << 8U) | ((uint64_t)p[2] << 16U) | ((uint64_t)p[3] << 24U) | ((uint64_t)p[4] << 32U) | ((uint64_t)p[5] << 40U) | ((uint64_t)p[6] << 48U) | ((uint64_t)p[7]) << 56U); + return ( + I)((uint64_t)p[0] | ((uint64_t)p[1] << 8U) | ((uint64_t)p[2] << 16U) | ((uint64_t)p[3] << 24U) | ((uint64_t)p[4] << 32U) | ((uint64_t)p[5] << 40U) | ((uint64_t)p[6] << 48U) | ((uint64_t)p[7]) << 56U); } }; @@ -487,15 +471,15 @@ template static ZT_INLINE I ntoh(const I n) noexcept * @param p Byte stream, must be at least sizeof(I) in size * @return Loaded raw integer */ -template static ZT_INLINE I loadMachineEndian(const void* const restrict p) noexcept +template static ZT_INLINE I loadMachineEndian(const void *const restrict p) noexcept { #ifdef ZT_NO_UNALIGNED_ACCESS I tmp; for (int i = 0; i < (int)sizeof(I); ++i) - reinterpret_cast(&tmp)[i] = reinterpret_cast(p)[i]; + reinterpret_cast(&tmp)[i] = reinterpret_cast(p)[i]; return tmp; #else - return *reinterpret_cast(p); + return *reinterpret_cast(p); #endif } @@ -506,13 +490,13 @@ template static ZT_INLINE I loadMachineEndian(const void* const res * @param p Byte array (must be at least sizeof(I)) * @param i Integer to store */ -template static ZT_INLINE void storeMachineEndian(void* const restrict p, const I i) noexcept +template static ZT_INLINE void storeMachineEndian(void *const restrict p, const I i) noexcept { #ifdef ZT_NO_UNALIGNED_ACCESS for (unsigned int k = 0; k < sizeof(I); ++k) - reinterpret_cast(p)[k] = reinterpret_cast(&i)[k]; + reinterpret_cast(p)[k] = reinterpret_cast(&i)[k]; #else - *reinterpret_cast(p) = i; + *reinterpret_cast(p) = i; #endif } @@ -523,12 +507,12 @@ template static ZT_INLINE void storeMachineEndian(void* const restr * @param p Byte stream, must be at least sizeof(I) in size * @return Decoded integer */ -template static ZT_INLINE I loadBigEndian(const void* const restrict p) noexcept +template static ZT_INLINE I loadBigEndian(const void *const restrict p) noexcept { #ifdef ZT_NO_UNALIGNED_ACCESS - return _load_be_bysize::l(reinterpret_cast(p)); + return _load_be_bysize::l(reinterpret_cast(p)); #else - return ntoh(*reinterpret_cast(p)); + return ntoh(*reinterpret_cast(p)); #endif } @@ -539,12 +523,12 @@ template static ZT_INLINE I loadBigEndian(const void* const restric * @param p Byte stream to write (must be at least sizeof(I)) * #param i Integer to write */ -template static ZT_INLINE void storeBigEndian(void* const restrict p, I i) noexcept +template static ZT_INLINE void storeBigEndian(void *const restrict p, I i) noexcept { #ifdef ZT_NO_UNALIGNED_ACCESS storeMachineEndian(p, hton(i)); #else - *reinterpret_cast(p) = hton(i); + *reinterpret_cast(p) = hton(i); #endif } @@ -555,12 +539,12 @@ template static ZT_INLINE void storeBigEndian(void* const restrict * @param p Byte stream, must be at least sizeof(I) in size * @return Decoded integer */ -template static ZT_INLINE I loadLittleEndian(const void* const restrict p) noexcept +template static ZT_INLINE I loadLittleEndian(const void *const restrict p) noexcept { #if __BYTE_ORDER == __BIG_ENDIAN || defined(ZT_NO_UNALIGNED_ACCESS) - return _load_le_bysize::l(reinterpret_cast(p)); + return _load_le_bysize::l(reinterpret_cast(p)); #else - return *reinterpret_cast(p); + return *reinterpret_cast(p); #endif } @@ -571,7 +555,7 @@ template static ZT_INLINE I loadLittleEndian(const void* const rest * @param p Byte stream to write (must be at least sizeof(I)) * #param i Integer to write */ -template static ZT_INLINE void storeLittleEndian(void* const restrict p, const I i) noexcept +template static ZT_INLINE void storeLittleEndian(void *const restrict p, const I i) noexcept { #if __BYTE_ORDER == __BIG_ENDIAN storeMachineEndian(p, _swap_bytes_bysize::s(i)); @@ -579,7 +563,7 @@ template static ZT_INLINE void storeLittleEndian(void* const restri #ifdef ZT_NO_UNALIGNED_ACCESS storeMachineEndian(p, i); #else - *reinterpret_cast(p) = i; + *reinterpret_cast(p) = i; #endif #endif } @@ -591,7 +575,7 @@ template static ZT_INLINE void storeLittleEndian(void* const restri * @param dest Destination memory * @param src Source memory */ -template static ZT_INLINE void copy(void* dest, const void* src) noexcept +template static ZT_INLINE void copy(void *dest, const void *src) noexcept { #if defined(ZT_ARCH_X64) && defined(__GNUC__) uintptr_t l = L; @@ -608,7 +592,7 @@ template static ZT_INLINE void copy(void* dest, const void* sr * @param src Source memory * @param len Bytes to copy */ -static ZT_INLINE void copy(void* dest, const void* src, unsigned long len) noexcept +static ZT_INLINE void copy(void *dest, const void *src, unsigned long len) noexcept { #if defined(ZT_ARCH_X64) && defined(__GNUC__) __asm__ __volatile__("cld ; rep movsb" : "+c"(len), "+S"(src), "+D"(dest)::"memory"); @@ -623,7 +607,7 @@ static ZT_INLINE void copy(void* dest, const void* src, unsigned long len) noexc * @tparam L Size in bytes * @param dest Memory to zero */ -template static ZT_INLINE void zero(void* dest) noexcept +template static ZT_INLINE void zero(void *dest) noexcept { #if defined(ZT_ARCH_X64) && defined(__GNUC__) uintptr_t l = L; @@ -639,7 +623,7 @@ template static ZT_INLINE void zero(void* dest) noexcept * @param dest Memory to zero * @param len Size in bytes */ -static ZT_INLINE void zero(void* dest, unsigned long len) noexcept +static ZT_INLINE void zero(void *dest, unsigned long len) noexcept { #if defined(ZT_ARCH_X64) && defined(__GNUC__) __asm__ __volatile__("cld ; rep stosb" : "+c"(len), "+D"(dest) : "a"(0) : "memory"); @@ -654,7 +638,7 @@ static ZT_INLINE void zero(void* dest, unsigned long len) noexcept * @tparam L Size in bytes * @param dest Memory to zero */ -template static ZT_INLINE void fill(void* dest) noexcept +template static ZT_INLINE void fill(void *dest) noexcept { #if defined(ZT_ARCH_X64) && defined(__GNUC__) uintptr_t l = L; @@ -670,7 +654,7 @@ template static ZT_INLINE void fill(void* dest) noe * @param dest Memory to zero * @param len Size in bytes */ -template static ZT_INLINE void fill(void* dest, unsigned long len) noexcept +template static ZT_INLINE void fill(void *dest, unsigned long len) noexcept { #if defined(ZT_ARCH_X64) && defined(__GNUC__) __asm__ __volatile__("cld ; rep stosb" : "+c"(len), "+D"(dest) : "a"(B) : "memory"); @@ -688,7 +672,7 @@ template static ZT_INLINE void fill(void* dest, unsigned long len) n * @param len Length of data * @return FNV1a checksum */ -uint32_t fnv1a32(const void* restrict data, unsigned int len) noexcept; +uint32_t fnv1a32(const void *restrict data, unsigned int len) noexcept; /** * Mix bits in a 64-bit integer (non-cryptographic, for hash tables) diff --git a/core/VL1.cpp b/core/VL1.cpp index 86289d163..c209ff00a 100644 --- a/core/VL1.cpp +++ b/core/VL1.cpp @@ -31,31 +31,31 @@ namespace ZeroTier { namespace { -ZT_INLINE const Identity& identityFromPeerPtr(const SharedPtr& p) -{ - return (p) ? p->identity() : Identity::NIL; -} +ZT_INLINE const Identity &identityFromPeerPtr(const SharedPtr &p) { return (p) ? p->identity() : Identity::NIL; } struct p_SalsaPolyCopyFunction { Salsa20 s20; Poly1305 poly1305; unsigned int hdrRemaining; - ZT_INLINE p_SalsaPolyCopyFunction(const void* salsaKey, const void* salsaIv) : s20(salsaKey, salsaIv), poly1305(), hdrRemaining(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START) + ZT_INLINE p_SalsaPolyCopyFunction(const void *salsaKey, const void *salsaIv) + : s20(salsaKey, salsaIv) + , poly1305() + , hdrRemaining(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START) { uint8_t macKey[ZT_POLY1305_KEY_SIZE]; s20.crypt12(Utils::ZERO256, macKey, ZT_POLY1305_KEY_SIZE); poly1305.init(macKey); } - ZT_INLINE void operator()(void* dest, const void* src, unsigned int len) noexcept + ZT_INLINE void operator()(void *dest, const void *src, unsigned int len) noexcept { if (hdrRemaining != 0) { unsigned int hdrBytes = (len > hdrRemaining) ? hdrRemaining : len; Utils::copy(dest, src, hdrBytes); hdrRemaining -= hdrBytes; - dest = reinterpret_cast(dest) + hdrBytes; - src = reinterpret_cast(src) + hdrBytes; + dest = reinterpret_cast(dest) + hdrBytes; + src = reinterpret_cast(src) + hdrBytes; len -= hdrBytes; } poly1305.update(src, len); @@ -67,21 +67,23 @@ struct p_PolyCopyFunction { Poly1305 poly1305; unsigned int hdrRemaining; - ZT_INLINE p_PolyCopyFunction(const void* salsaKey, const void* salsaIv) : poly1305(), hdrRemaining(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START) + ZT_INLINE p_PolyCopyFunction(const void *salsaKey, const void *salsaIv) + : poly1305() + , hdrRemaining(ZT_PROTO_PACKET_ENCRYPTED_SECTION_START) { uint8_t macKey[ZT_POLY1305_KEY_SIZE]; Salsa20(salsaKey, salsaIv).crypt12(Utils::ZERO256, macKey, ZT_POLY1305_KEY_SIZE); poly1305.init(macKey); } - ZT_INLINE void operator()(void* dest, const void* src, unsigned int len) noexcept + ZT_INLINE void operator()(void *dest, const void *src, unsigned int len) noexcept { if (hdrRemaining != 0) { unsigned int hdrBytes = (len > hdrRemaining) ? hdrRemaining : len; Utils::copy(dest, src, hdrBytes); hdrRemaining -= hdrBytes; - dest = reinterpret_cast(dest) + hdrBytes; - src = reinterpret_cast(src) + hdrBytes; + dest = reinterpret_cast(dest) + hdrBytes; + src = reinterpret_cast(src) + hdrBytes; len -= hdrBytes; } poly1305.update(src, len); @@ -91,11 +93,11 @@ struct p_PolyCopyFunction { } // anonymous namespace -VL1::VL1(const Context& ctx) : m_ctx(ctx) -{ -} +VL1::VL1(const Context &ctx) : m_ctx(ctx) {} -void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetAddress& fromAddr, SharedPtr& data, const unsigned int len) noexcept +void VL1::onRemotePacket( + CallContext &cc, const int64_t localSocket, const InetAddress &fromAddr, SharedPtr &data, + const unsigned int len) noexcept { const SharedPtr path(m_ctx.topology->path(localSocket, fromAddr)); @@ -113,7 +115,8 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA static_assert((ZT_PROTO_PACKET_ID_INDEX + sizeof(uint64_t)) < ZT_PROTO_MIN_FRAGMENT_LENGTH, "overflow"); const uint64_t packetId = Utils::loadMachineEndian(data->unsafeData + ZT_PROTO_PACKET_ID_INDEX); - static_assert((ZT_PROTO_PACKET_DESTINATION_INDEX + ZT_ADDRESS_LENGTH) < ZT_PROTO_MIN_FRAGMENT_LENGTH, "overflow"); + static_assert( + (ZT_PROTO_PACKET_DESTINATION_INDEX + ZT_ADDRESS_LENGTH) < ZT_PROTO_MIN_FRAGMENT_LENGTH, "overflow"); const Address destination(data->unsafeData + ZT_PROTO_PACKET_DESTINATION_INDEX); if (destination != m_ctx.identity.address()) { m_relay(cc, path, destination, data, len); @@ -131,10 +134,11 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA // This looks like a fragment (excluding the head) of a larger packet. static_assert(ZT_PROTO_PACKET_FRAGMENT_COUNTS < ZT_PROTO_MIN_FRAGMENT_LENGTH, "overflow"); const unsigned int totalFragments = (data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] >> 4U) & 0x0fU; - const unsigned int fragmentNo = data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] & 0x0fU; - switch (m_inputPacketAssembler.assemble(packetId, pktv, data, ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT, len - ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT, fragmentNo, totalFragments, cc.ticks, path)) { - case Defragmenter::COMPLETE: - break; + const unsigned int fragmentNo = data->unsafeData[ZT_PROTO_PACKET_FRAGMENT_COUNTS] & 0x0fU; + switch (m_inputPacketAssembler.assemble( + packetId, pktv, data, ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT, + len - ZT_PROTO_PACKET_FRAGMENT_PAYLOAD_START_AT, fragmentNo, totalFragments, cc.ticks, path)) { + case Defragmenter::COMPLETE: break; default: // case Defragmenter::OK: // case Defragmenter::ERR_DUPLICATE_FRAGMENT: @@ -151,17 +155,13 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA if ((data->unsafeData[ZT_PROTO_PACKET_FLAGS_INDEX] & ZT_PROTO_FLAG_FRAGMENTED) != 0) { // This is the head of a series of fragments that we may or may not already have. switch (m_inputPacketAssembler.assemble( - packetId, - pktv, - data, + packetId, pktv, data, 0, // fragment index is 0 since this is the head len, 0, // always the zero'eth fragment 0, // this is specified in fragments, not in the head - cc.ticks, - path)) { - case Defragmenter::COMPLETE: - break; + cc.ticks, path)) { + case Defragmenter::COMPLETE: break; default: // case Defragmenter::OK: // case Defragmenter::ERR_DUPLICATE_FRAGMENT: @@ -184,27 +184,33 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA // If we made it this far without returning, a packet is fully assembled and ready to process. // ---------------------------------------------------------------------------------------------------------------- - const uint8_t* const hdr = pktv[0].b->unsafeData + pktv[0].s; + const uint8_t *const hdr = pktv[0].b->unsafeData + pktv[0].s; static_assert((ZT_PROTO_PACKET_SOURCE_INDEX + ZT_ADDRESS_LENGTH) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); const Address source(hdr + ZT_PROTO_PACKET_SOURCE_INDEX); static_assert(ZT_PROTO_PACKET_FLAGS_INDEX < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); - const uint8_t hops = hdr[ZT_PROTO_PACKET_FLAGS_INDEX] & ZT_PROTO_FLAG_FIELD_HOPS_MASK; + const uint8_t hops = hdr[ZT_PROTO_PACKET_FLAGS_INDEX] & ZT_PROTO_FLAG_FIELD_HOPS_MASK; const uint8_t cipher = (hdr[ZT_PROTO_PACKET_FLAGS_INDEX] >> 3U) & 3U; SharedPtr pkt(new Buf()); int pktSize = 0; static_assert(ZT_PROTO_PACKET_VERB_INDEX < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); - if (unlikely(((cipher == ZT_PROTO_CIPHER_POLY1305_NONE) || (cipher == ZT_PROTO_CIPHER_NONE)) && ((hdr[ZT_PROTO_PACKET_VERB_INDEX] & ZT_PROTO_VERB_MASK) == Protocol::VERB_HELLO))) { + if (unlikely( + ((cipher == ZT_PROTO_CIPHER_POLY1305_NONE) || (cipher == ZT_PROTO_CIPHER_NONE)) + && ((hdr[ZT_PROTO_PACKET_VERB_INDEX] & ZT_PROTO_VERB_MASK) == Protocol::VERB_HELLO))) { // Handle unencrypted HELLO packets. pktSize = pktv.mergeCopy(*pkt); if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) { - ZT_SPEW("discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, + source.toString().c_str(), fromAddr.toString().c_str(), pktSize); return; } const SharedPtr peer(m_HELLO(cc, path, *pkt, pktSize)); if (likely(peer)) - peer->received(m_ctx, cc, path, hops, packetId, pktSize - ZT_PROTO_PACKET_PAYLOAD_START, Protocol::VERB_HELLO, Protocol::VERB_NOP); + peer->received( + m_ctx, cc, path, hops, packetId, pktSize - ZT_PROTO_PACKET_PAYLOAD_START, Protocol::VERB_HELLO, + Protocol::VERB_NOP); return; } @@ -221,9 +227,11 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA Protocol::salsa2012DeriveKey(peer->rawIdentityKey(), perPacketKey, *pktv[0].b, pktv.totalSize()); p_PolyCopyFunction s20cf(perPacketKey, &packetId); - pktSize = pktv.mergeMap(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf); + pktSize = pktv.mergeMap(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf); if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) { - ZT_SPEW("discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, + source.toString().c_str(), fromAddr.toString().c_str(), pktSize); return; } @@ -231,8 +239,12 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA s20cf.poly1305.finish(mac); static_assert((ZT_PROTO_PACKET_MAC_INDEX + 8) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); if (unlikely(Utils::loadMachineEndian(hdr + ZT_PROTO_PACKET_MAC_INDEX) != mac[0])) { - ZT_SPEW("discarding packet %.16llx from %s(%s): packet MAC failed (none/poly1305)", packetId, source.toString().c_str(), fromAddr.toString().c_str()); - m_ctx.t->incomingPacketDropped(cc, 0xcc89c812, packetId, 0, peer->identity(), path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): packet MAC failed (none/poly1305)", packetId, + source.toString().c_str(), fromAddr.toString().c_str()); + m_ctx.t->incomingPacketDropped( + cc, 0xcc89c812, packetId, 0, peer->identity(), path->address(), hops, Protocol::VERB_NOP, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return; } @@ -244,9 +256,12 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA Protocol::salsa2012DeriveKey(peer->rawIdentityKey(), perPacketKey, *pktv[0].b, pktv.totalSize()); p_SalsaPolyCopyFunction s20cf(perPacketKey, &packetId); - pktSize = pktv.mergeMap(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf); + pktSize = + pktv.mergeMap(*pkt, ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, s20cf); if (unlikely(pktSize < ZT_PROTO_MIN_PACKET_LENGTH)) { - ZT_SPEW("discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): assembled packet size: %d", packetId, + source.toString().c_str(), fromAddr.toString().c_str(), pktSize); return; } @@ -254,8 +269,12 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA s20cf.poly1305.finish(mac); static_assert((ZT_PROTO_PACKET_MAC_INDEX + 8) < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); if (unlikely(Utils::loadMachineEndian(hdr + ZT_PROTO_PACKET_MAC_INDEX) != mac[0])) { - ZT_SPEW("discarding packet %.16llx from %s(%s): packet MAC failed (salsa/poly1305)", packetId, source.toString().c_str(), fromAddr.toString().c_str()); - m_ctx.t->incomingPacketDropped(cc, 0xcc89c812, packetId, 0, peer->identity(), path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): packet MAC failed (salsa/poly1305)", packetId, + source.toString().c_str(), fromAddr.toString().c_str()); + m_ctx.t->incomingPacketDropped( + cc, 0xcc89c812, packetId, 0, peer->identity(), path->address(), hops, Protocol::VERB_NOP, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return; } @@ -271,7 +290,9 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA } break; default: - m_ctx.t->incomingPacketDropped(cc, 0x5b001099, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); + m_ctx.t->incomingPacketDropped( + cc, 0x5b001099, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, + Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); return; } } @@ -283,21 +304,20 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA ZT_SPEW( "discarding packet %.16llx from %s(%s): assembled packet size %d is smaller than minimum packet " "length", - packetId, - source.toString().c_str(), - fromAddr.toString().c_str(), - pktSize); + packetId, source.toString().c_str(), fromAddr.toString().c_str(), pktSize); return; } // TODO: should take instance ID into account here once that is fully implemented. if (unlikely(peer->deduplicateIncomingPacket(packetId))) { - ZT_SPEW("discarding packet %.16llx from %s(%s): duplicate!", packetId, source.toString().c_str(), fromAddr.toString().c_str()); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): duplicate!", packetId, source.toString().c_str(), + fromAddr.toString().c_str()); return; } static_assert(ZT_PROTO_PACKET_VERB_INDEX < ZT_PROTO_MIN_PACKET_LENGTH, "overflow"); - const uint8_t verbFlags = pkt->unsafeData[ZT_PROTO_PACKET_VERB_INDEX]; + const uint8_t verbFlags = pkt->unsafeData[ZT_PROTO_PACKET_VERB_INDEX]; const Protocol::Verb verb = (Protocol::Verb)(verbFlags & ZT_PROTO_VERB_MASK); // Decompress packet payload if compressed. For additional safety decompression is @@ -307,22 +327,27 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA SharedPtr dec(new Buf()); Utils::copy(dec->unsafeData, pkt->unsafeData); const int uncompressedLen = LZ4_decompress_safe( - reinterpret_cast(pkt->unsafeData + ZT_PROTO_PACKET_PAYLOAD_START), - reinterpret_cast(dec->unsafeData + ZT_PROTO_PACKET_PAYLOAD_START), - pktSize - ZT_PROTO_PACKET_PAYLOAD_START, - ZT_BUF_MEM_SIZE - ZT_PROTO_PACKET_PAYLOAD_START); - if (likely((uncompressedLen >= 0) && (uncompressedLen <= (ZT_BUF_MEM_SIZE - ZT_PROTO_PACKET_PAYLOAD_START)))) { + reinterpret_cast(pkt->unsafeData + ZT_PROTO_PACKET_PAYLOAD_START), + reinterpret_cast(dec->unsafeData + ZT_PROTO_PACKET_PAYLOAD_START), + pktSize - ZT_PROTO_PACKET_PAYLOAD_START, ZT_BUF_MEM_SIZE - ZT_PROTO_PACKET_PAYLOAD_START); + if (likely( + (uncompressedLen >= 0) + && (uncompressedLen <= (ZT_BUF_MEM_SIZE - ZT_PROTO_PACKET_PAYLOAD_START)))) { pkt.swap(dec); ZT_SPEW("decompressed packet: %d -> %d", pktSize, ZT_PROTO_PACKET_PAYLOAD_START + uncompressedLen); pktSize = ZT_PROTO_PACKET_PAYLOAD_START + uncompressedLen; } else { - m_ctx.t->incomingPacketDropped(cc, 0xee9e4392, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, verb, ZT_TRACE_PACKET_DROP_REASON_INVALID_COMPRESSED_DATA); + m_ctx.t->incomingPacketDropped( + cc, 0xee9e4392, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, verb, + ZT_TRACE_PACKET_DROP_REASON_INVALID_COMPRESSED_DATA); return; } } - ZT_SPEW("%s from %s(%s) (%d bytes)", Protocol::verbName(verb), source.toString().c_str(), fromAddr.toString().c_str(), pktSize); + ZT_SPEW( + "%s from %s(%s) (%d bytes)", Protocol::verbName(verb), source.toString().c_str(), + fromAddr.toString().c_str(), pktSize); // NOTE: HELLO is normally sent in the clear (in terms of our usual AEAD modes) and is handled // above. We will try to process it here, but if so it'll still get re-authenticated via HELLO's @@ -330,34 +355,21 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA // but not invalid. Protocol::Verb inReVerb = Protocol::VERB_NOP; - bool ok = true; + bool ok = true; switch (verb) { - case Protocol::VERB_NOP: - break; - case Protocol::VERB_HELLO: - ok = (bool)(m_HELLO(cc, path, *pkt, pktSize)); - break; - case Protocol::VERB_ERROR: - ok = m_ERROR(cc, packetId, auth, path, peer, *pkt, pktSize, inReVerb); - break; - case Protocol::VERB_OK: - ok = m_OK(cc, packetId, auth, path, peer, *pkt, pktSize, inReVerb); - break; - case Protocol::VERB_WHOIS: - ok = m_WHOIS(cc, packetId, auth, path, peer, *pkt, pktSize); - break; - case Protocol::VERB_RENDEZVOUS: - ok = m_RENDEZVOUS(cc, packetId, auth, path, peer, *pkt, pktSize); - break; + case Protocol::VERB_NOP: break; + case Protocol::VERB_HELLO: ok = (bool)(m_HELLO(cc, path, *pkt, pktSize)); break; + case Protocol::VERB_ERROR: ok = m_ERROR(cc, packetId, auth, path, peer, *pkt, pktSize, inReVerb); break; + case Protocol::VERB_OK: ok = m_OK(cc, packetId, auth, path, peer, *pkt, pktSize, inReVerb); break; + case Protocol::VERB_WHOIS: ok = m_WHOIS(cc, packetId, auth, path, peer, *pkt, pktSize); break; + case Protocol::VERB_RENDEZVOUS: ok = m_RENDEZVOUS(cc, packetId, auth, path, peer, *pkt, pktSize); break; case Protocol::VERB_FRAME: ok = m_ctx.vl2->m_FRAME(cc, packetId, auth, path, peer, *pkt, pktSize); break; case Protocol::VERB_EXT_FRAME: ok = m_ctx.vl2->m_EXT_FRAME(cc, packetId, auth, path, peer, *pkt, pktSize); break; - case Protocol::VERB_ECHO: - ok = m_ECHO(cc, packetId, auth, path, peer, *pkt, pktSize); - break; + case Protocol::VERB_ECHO: ok = m_ECHO(cc, packetId, auth, path, peer, *pkt, pktSize); break; case Protocol::VERB_MULTICAST_LIKE: ok = m_ctx.vl2->m_MULTICAST_LIKE(cc, packetId, auth, path, peer, *pkt, pktSize); break; @@ -385,16 +397,17 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA case Protocol::VERB_MULTICAST: ok = m_ctx.vl2->m_MULTICAST(cc, packetId, auth, path, peer, *pkt, pktSize); break; - case Protocol::VERB_ENCAP: - ok = m_ENCAP(cc, packetId, auth, path, peer, *pkt, pktSize); - break; + case Protocol::VERB_ENCAP: ok = m_ENCAP(cc, packetId, auth, path, peer, *pkt, pktSize); break; default: - m_ctx.t->incomingPacketDropped(cc, 0xeeeeeff0, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, verb, ZT_TRACE_PACKET_DROP_REASON_UNRECOGNIZED_VERB); + m_ctx.t->incomingPacketDropped( + cc, 0xeeeeeff0, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, verb, + ZT_TRACE_PACKET_DROP_REASON_UNRECOGNIZED_VERB); break; } if (likely(ok)) - peer->received(m_ctx, cc, path, hops, packetId, pktSize - ZT_PROTO_PACKET_PAYLOAD_START, verb, inReVerb); + peer->received( + m_ctx, cc, path, hops, packetId, pktSize - ZT_PROTO_PACKET_PAYLOAD_START, verb, inReVerb); } else { // If decryption and authentication were not successful, try to look up identities. @@ -406,11 +419,11 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA bool sendPending; { Mutex::Lock wl(m_whoisQueue_l); - p_WhoisQueueItem& wq = m_whoisQueue[source]; - const unsigned int wpidx = wq.waitingPacketCount++ % ZT_VL1_MAX_WHOIS_WAITING_PACKETS; + p_WhoisQueueItem &wq = m_whoisQueue[source]; + const unsigned int wpidx = wq.waitingPacketCount++ % ZT_VL1_MAX_WHOIS_WAITING_PACKETS; wq.waitingPacketSize[wpidx] = (unsigned int)pktSize; - wq.waitingPacket[wpidx] = pkt; - sendPending = (cc.ticks - wq.lastRetry) >= ZT_WHOIS_RETRY_DELAY; + wq.waitingPacket[wpidx] = pkt; + sendPending = (cc.ticks - wq.lastRetry) >= ZT_WHOIS_RETRY_DELAY; } if (sendPending) m_sendPendingWhois(cc); @@ -418,21 +431,23 @@ void VL1::onRemotePacket(CallContext& cc, const int64_t localSocket, const InetA } } catch (...) { - m_ctx.t->unexpectedError(cc, 0xea1b6dea, "unexpected exception in onRemotePacket() parsing packet from %s", path->address().toString().c_str()); + m_ctx.t->unexpectedError( + cc, 0xea1b6dea, "unexpected exception in onRemotePacket() parsing packet from %s", + path->address().toString().c_str()); } } -void VL1::m_relay(CallContext& cc, const SharedPtr& path, Address destination, SharedPtr& pkt, int pktSize) +void VL1::m_relay(CallContext &cc, const SharedPtr &path, Address destination, SharedPtr &pkt, int pktSize) { } -void VL1::m_sendPendingWhois(CallContext& cc) +void VL1::m_sendPendingWhois(CallContext &cc) { const SharedPtr root(m_ctx.topology->root()); - if (unlikely(! root)) + if (unlikely(!root)) return; const SharedPtr rootPath(root->path(cc)); - if (unlikely(! rootPath)) + if (unlikely(!rootPath)) return; Vector
toSend; @@ -447,13 +462,14 @@ void VL1::m_sendPendingWhois(CallContext& cc) } } - if (! toSend.empty()) { - SymmetricKey& key = root->key(); + if (!toSend.empty()) { + SymmetricKey &key = root->key(); uint8_t outp[ZT_DEFAULT_UDP_MTU - ZT_PROTO_MIN_PACKET_LENGTH]; Vector
::iterator a(toSend.begin()); while (a != toSend.end()) { const uint64_t packetId = key.nextMessage(m_ctx.identity.address(), root->address()); - int p = Protocol::newPacket(outp, packetId, root->address(), m_ctx.identity.address(), Protocol::VERB_WHOIS); + int p = + Protocol::newPacket(outp, packetId, root->address(), m_ctx.identity.address(), Protocol::VERB_WHOIS); while ((a != toSend.end()) && (p < (sizeof(outp) - ZT_ADDRESS_LENGTH))) { a->copyTo(outp + p); ++a; @@ -465,32 +481,38 @@ void VL1::m_sendPendingWhois(CallContext& cc) } } -SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& pkt, int packetSize) +SharedPtr VL1::m_HELLO(CallContext &cc, const SharedPtr &path, Buf &pkt, int packetSize) { const uint64_t packetId = Utils::loadMachineEndian(pkt.unsafeData + ZT_PROTO_PACKET_ID_INDEX); - const uint64_t mac = Utils::loadMachineEndian(pkt.unsafeData + ZT_PROTO_PACKET_MAC_INDEX); - const uint8_t hops = pkt.unsafeData[ZT_PROTO_PACKET_FLAGS_INDEX] & ZT_PROTO_FLAG_FIELD_HOPS_MASK; + const uint64_t mac = Utils::loadMachineEndian(pkt.unsafeData + ZT_PROTO_PACKET_MAC_INDEX); + const uint8_t hops = pkt.unsafeData[ZT_PROTO_PACKET_FLAGS_INDEX] & ZT_PROTO_FLAG_FIELD_HOPS_MASK; const uint8_t protoVersion = pkt.lI8(); if (unlikely(protoVersion < ZT_PROTO_VERSION_MIN)) { - m_ctx.t->incomingPacketDropped(cc, 0x907a9891, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_PEER_TOO_OLD); + m_ctx.t->incomingPacketDropped( + cc, 0x907a9891, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_PEER_TOO_OLD); return SharedPtr(); } const unsigned int versionMajor = pkt.lI8(); const unsigned int versionMinor = pkt.lI8(); - const unsigned int versionRev = pkt.lI16(); - const uint64_t timestamp = pkt.lI64(); + const unsigned int versionRev = pkt.lI16(); + const uint64_t timestamp = pkt.lI64(); int ii = ZT_PROTO_PACKET_PAYLOAD_START + 13; // Get identity and verify that it matches the sending address in the packet. Identity id; if (unlikely(pkt.rO(ii, id) < 0)) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9810, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); + m_ctx.t->incomingPacketDropped( + cc, 0x707a9810, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); return SharedPtr(); } if (unlikely(id.address() != Address(pkt.unsafeData + ZT_PROTO_PACKET_SOURCE_INDEX))) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9010, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + m_ctx.t->incomingPacketDropped( + cc, 0x707a9010, packetId, 0, Identity::NIL, path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return SharedPtr(); } @@ -498,22 +520,30 @@ SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& SharedPtr peer(m_ctx.topology->peer(cc, id.address(), true)); if (peer) { if (unlikely(peer->identity() != id)) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + m_ctx.t->incomingPacketDropped( + cc, 0x707a9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return SharedPtr(); } if (unlikely(peer->deduplicateIncomingPacket(packetId))) { - ZT_SPEW("discarding packet %.16llx from %s(%s): duplicate!", packetId, id.address().toString().c_str(), path->address().toString().c_str()); + ZT_SPEW( + "discarding packet %.16llx from %s(%s): duplicate!", packetId, id.address().toString().c_str(), + path->address().toString().c_str()); return SharedPtr(); } } else { - if (unlikely(! id.locallyValidate())) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9892, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); + if (unlikely(!id.locallyValidate())) { + m_ctx.t->incomingPacketDropped( + cc, 0x707a9892, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); return SharedPtr(); } peer.set(new Peer()); - if (unlikely(! peer->init(m_ctx, cc, id))) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9893, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_UNSPECIFIED); + if (unlikely(!peer->init(m_ctx, cc, id))) { + m_ctx.t->incomingPacketDropped( + cc, 0x707a9893, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_UNSPECIFIED); return SharedPtr(); } peer = m_ctx.topology->add(cc, peer); @@ -529,15 +559,19 @@ SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& // field is ignored, and eventually it'll be undefined. uint8_t hmac[ZT_HMACSHA384_LEN]; if (unlikely(packetSize < ZT_HMACSHA384_LEN)) { - m_ctx.t->incomingPacketDropped(cc, 0xab9c9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + m_ctx.t->incomingPacketDropped( + cc, 0xab9c9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return SharedPtr(); } packetSize -= ZT_HMACSHA384_LEN; pkt.unsafeData[ZT_PROTO_PACKET_FLAGS_INDEX] &= ~ZT_PROTO_FLAG_FIELD_HOPS_MASK; // mask hops to 0 Utils::storeMachineEndian(pkt.unsafeData + ZT_PROTO_PACKET_MAC_INDEX, 0); // set MAC field to 0 HMACSHA384(peer->identityHelloHmacKey(), pkt.unsafeData, packetSize, hmac); - if (unlikely(! Utils::secureEq(hmac, pkt.unsafeData + packetSize, ZT_HMACSHA384_LEN))) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + if (unlikely(!Utils::secureEq(hmac, pkt.unsafeData + packetSize, ZT_HMACSHA384_LEN))) { + m_ctx.t->incomingPacketDropped( + cc, 0x707a9891, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return SharedPtr(); } } @@ -549,16 +583,22 @@ SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& uint8_t macKey[ZT_POLY1305_KEY_SIZE]; Salsa20(perPacketKey, &packetId).crypt12(Utils::ZERO256, macKey, ZT_POLY1305_KEY_SIZE); Poly1305 poly1305(macKey); - poly1305.update(pkt.unsafeData + ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, packetSize - ZT_PROTO_PACKET_ENCRYPTED_SECTION_START); + poly1305.update( + pkt.unsafeData + ZT_PROTO_PACKET_ENCRYPTED_SECTION_START, + packetSize - ZT_PROTO_PACKET_ENCRYPTED_SECTION_START); uint64_t polyMac[2]; poly1305.finish(polyMac); if (unlikely(mac != polyMac[0])) { - m_ctx.t->incomingPacketDropped(cc, 0x11bfff82, packetId, 0, id, path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + m_ctx.t->incomingPacketDropped( + cc, 0x11bfff82, packetId, 0, id, path->address(), hops, Protocol::VERB_NOP, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return SharedPtr(); } } else { - m_ctx.t->incomingPacketDropped(cc, 0x11bfff81, packetId, 0, id, path->address(), hops, Protocol::VERB_NOP, ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); + m_ctx.t->incomingPacketDropped( + cc, 0x11bfff81, packetId, 0, id, path->address(), hops, Protocol::VERB_NOP, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED); return SharedPtr(); } } @@ -569,18 +609,20 @@ SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& InetAddress sentTo; if (unlikely(pkt.rO(ii, sentTo) < 0)) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9811, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); + m_ctx.t->incomingPacketDropped( + cc, 0x707a9811, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); return SharedPtr(); } - SymmetricKey& key = peer->key(); + SymmetricKey &key = peer->key(); if (protoVersion >= 11) { // V2.x and newer supports an encrypted section and has a new OK format. ii += 4; // skip reserved field if (likely((ii + 12) < packetSize)) { AES::CTR ctr(peer->identityHelloDictionaryEncryptionCipher()); - const uint8_t* const ctrNonce = pkt.unsafeData + ii; + const uint8_t *const ctrNonce = pkt.unsafeData + ii; ii += 12; ctr.init(ctrNonce, 0, pkt.unsafeData + ii); ctr.crypt(pkt.unsafeData + ii, packetSize - ii); @@ -589,22 +631,28 @@ SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& ii += 2; // skip reserved field const unsigned int dictSize = pkt.rI16(ii); if (unlikely((ii + dictSize) > packetSize)) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9815, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); + m_ctx.t->incomingPacketDropped( + cc, 0x707a9815, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); return peer; } Dictionary md; - if (! md.decode(pkt.unsafeData + ii, dictSize)) { - m_ctx.t->incomingPacketDropped(cc, 0x707a9816, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); + if (!md.decode(pkt.unsafeData + ii, dictSize)) { + m_ctx.t->incomingPacketDropped( + cc, 0x707a9816, packetId, 0, identityFromPeerPtr(peer), path->address(), hops, Protocol::VERB_HELLO, + ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT); return peer; } - if (! md.empty()) { + if (!md.empty()) { // TODO } } } - Protocol::newPacket(pkt, key.nextMessage(m_ctx.identity.address(), peer->address()), peer->address(), m_ctx.identity.address(), Protocol::VERB_OK); + Protocol::newPacket( + pkt, key.nextMessage(m_ctx.identity.address(), peer->address()), peer->address(), m_ctx.identity.address(), + Protocol::VERB_OK); ii = ZT_PROTO_PACKET_PAYLOAD_START; pkt.wI8(ii, Protocol::VERB_HELLO); pkt.wI64(ii, packetId); @@ -633,7 +681,9 @@ SharedPtr VL1::m_HELLO(CallContext& cc, const SharedPtr& path, Buf& return peer; } -bool VL1::m_ERROR(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb) +bool VL1::m_ERROR( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize, Protocol::Verb &inReVerb) { #if 0 if (packetSize < (int)sizeof(Protocol::ERROR::Header)) { @@ -680,42 +730,48 @@ bool VL1::m_ERROR(CallContext& cc, const uint64_t packetId, const unsigned int a #endif } -bool VL1::m_OK(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb) +bool VL1::m_OK( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize, Protocol::Verb &inReVerb) { int ii = ZT_PROTO_PACKET_PAYLOAD_START + 13; - inReVerb = (Protocol::Verb)pkt.rI8(ii); + inReVerb = (Protocol::Verb)pkt.rI8(ii); const uint64_t inRePacketId = pkt.rI64(ii); if (unlikely(Buf::readOverflow(ii, packetSize))) { - m_ctx.t->incomingPacketDropped(cc, 0x4c1f1ff7, packetId, 0, identityFromPeerPtr(peer), path->address(), 0, Protocol::VERB_OK, ZT_TRACE_PACKET_DROP_REASON_MALFORMED_PACKET); + m_ctx.t->incomingPacketDropped( + cc, 0x4c1f1ff7, packetId, 0, identityFromPeerPtr(peer), path->address(), 0, Protocol::VERB_OK, + ZT_TRACE_PACKET_DROP_REASON_MALFORMED_PACKET); return false; } - if (unlikely(! m_ctx.expect->expecting(inRePacketId, cc.ticks))) { - m_ctx.t->incomingPacketDropped(cc, 0x4c1f1ff8, packetId, 0, identityFromPeerPtr(peer), path->address(), 0, Protocol::VERB_OK, ZT_TRACE_PACKET_DROP_REASON_REPLY_NOT_EXPECTED); + if (unlikely(!m_ctx.expect->expecting(inRePacketId, cc.ticks))) { + m_ctx.t->incomingPacketDropped( + cc, 0x4c1f1ff8, packetId, 0, identityFromPeerPtr(peer), path->address(), 0, Protocol::VERB_OK, + ZT_TRACE_PACKET_DROP_REASON_REPLY_NOT_EXPECTED); return false; } - ZT_SPEW("got OK in-re %s (packet ID %.16llx) from %s(%s)", Protocol::verbName(inReVerb), inRePacketId, peer->address().toString().c_str(), path->address().toString().c_str()); + ZT_SPEW( + "got OK in-re %s (packet ID %.16llx) from %s(%s)", Protocol::verbName(inReVerb), inRePacketId, + peer->address().toString().c_str(), path->address().toString().c_str()); switch (inReVerb) { - case Protocol::VERB_HELLO: - break; + case Protocol::VERB_HELLO: break; - case Protocol::VERB_WHOIS: - break; + case Protocol::VERB_WHOIS: break; - case Protocol::VERB_NETWORK_CONFIG_REQUEST: - break; + case Protocol::VERB_NETWORK_CONFIG_REQUEST: break; - case Protocol::VERB_MULTICAST_GATHER: - break; + case Protocol::VERB_MULTICAST_GATHER: break; } return true; } -bool VL1::m_WHOIS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize) +bool VL1::m_WHOIS( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize) { #if 0 if (packetSize < (int)sizeof(Protocol::OK::Header)) { @@ -769,7 +825,9 @@ bool VL1::m_WHOIS(CallContext& cc, const uint64_t packetId, const unsigned int a #endif } -bool VL1::m_RENDEZVOUS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize) +bool VL1::m_RENDEZVOUS( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize) { #if 0 if (RR->topology->isRoot(peer->identity())) { @@ -817,7 +875,9 @@ bool VL1::m_RENDEZVOUS(CallContext& cc, const uint64_t packetId, const unsigned #endif } -bool VL1::m_ECHO(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize) +bool VL1::m_ECHO( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize) { #if 0 const uint64_t packetId = Protocol::packetId(pkt,packetSize); @@ -855,7 +915,9 @@ bool VL1::m_ECHO(CallContext& cc, const uint64_t packetId, const unsigned int au #endif } -bool VL1::m_PUSH_DIRECT_PATHS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize) +bool VL1::m_PUSH_DIRECT_PATHS( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize) { #if 0 if (packetSize < (int)sizeof(Protocol::PUSH_DIRECT_PATHS)) { @@ -946,13 +1008,17 @@ bool VL1::m_PUSH_DIRECT_PATHS(CallContext& cc, const uint64_t packetId, const un #endif } -bool VL1::m_USER_MESSAGE(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize) +bool VL1::m_USER_MESSAGE( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize) { // TODO return true; } -bool VL1::m_ENCAP(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize) +bool VL1::m_ENCAP( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + const SharedPtr &peer, Buf &pkt, int packetSize) { // TODO: not implemented yet return true; diff --git a/core/VL1.hpp b/core/VL1.hpp index aea18efa6..0f862caf8 100644 --- a/core/VL1.hpp +++ b/core/VL1.hpp @@ -45,7 +45,7 @@ class VL2; */ class VL1 { public: - explicit VL1(const Context& ctx); + explicit VL1(const Context &ctx); /** * Called when a packet is received from the real network @@ -61,31 +61,47 @@ class VL1 { * @param data Packet data * @param len Packet length */ - void onRemotePacket(CallContext& cc, int64_t localSocket, const InetAddress& fromAddr, SharedPtr& data, unsigned int len) noexcept; + void onRemotePacket( + CallContext &cc, int64_t localSocket, const InetAddress &fromAddr, SharedPtr &data, + unsigned int len) noexcept; private: - void m_relay(CallContext& cc, const SharedPtr& path, Address destination, SharedPtr& pkt, int pktSize); - void m_sendPendingWhois(CallContext& cc); - SharedPtr m_HELLO(CallContext& cc, const SharedPtr& path, Buf& pkt, int packetSize); - bool m_ERROR(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb); - bool m_OK(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize, Protocol::Verb& inReVerb); - bool m_WHOIS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize); - bool m_RENDEZVOUS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize); - bool m_ECHO(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize); - bool m_PUSH_DIRECT_PATHS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize); - bool m_USER_MESSAGE(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize); - bool m_ENCAP(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, const SharedPtr& peer, Buf& pkt, int packetSize); + void m_relay(CallContext &cc, const SharedPtr &path, Address destination, SharedPtr &pkt, int pktSize); + void m_sendPendingWhois(CallContext &cc); + SharedPtr m_HELLO(CallContext &cc, const SharedPtr &path, Buf &pkt, int packetSize); + bool m_ERROR( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize, Protocol::Verb &inReVerb); + bool m_OK( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize, Protocol::Verb &inReVerb); + bool m_WHOIS( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_RENDEZVOUS( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_ECHO( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_PUSH_DIRECT_PATHS( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_USER_MESSAGE( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_ENCAP( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, const SharedPtr &peer, + Buf &pkt, int packetSize); - const Context& m_ctx; + const Context &m_ctx; // Defragmentation engine for handling inbound packets with more than one fragment. Defragmenter m_inputPacketAssembler; // Queue of outbound WHOIS reqeusts and packets waiting on them. struct p_WhoisQueueItem { - ZT_INLINE p_WhoisQueueItem() : lastRetry(0), retries(0), waitingPacketCount(0) - { - } + ZT_INLINE p_WhoisQueueItem() : lastRetry(0), retries(0), waitingPacketCount(0) {} int64_t lastRetry; unsigned int retries; diff --git a/core/VL2.cpp b/core/VL2.cpp index 337c4b752..8ac6cdd98 100644 --- a/core/VL2.cpp +++ b/core/VL2.cpp @@ -23,47 +23,65 @@ namespace ZeroTier { -VL2::VL2(const Context& ctx) : m_ctx(ctx) +VL2::VL2(const Context &ctx) : m_ctx(ctx) {} + +void VL2::onLocalEthernet( + CallContext &cc, const SharedPtr &network, const MAC &from, const MAC &to, const unsigned int etherType, + unsigned int vlanId, SharedPtr &data, unsigned int len) { } -void VL2::onLocalEthernet(CallContext& cc, const SharedPtr& network, const MAC& from, const MAC& to, const unsigned int etherType, unsigned int vlanId, SharedPtr& data, unsigned int len) +bool VL2::m_FRAME( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_FRAME(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_EXT_FRAME( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_EXT_FRAME(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_MULTICAST_LIKE( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_MULTICAST_LIKE(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_NETWORK_CREDENTIALS( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_NETWORK_CREDENTIALS(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_NETWORK_CONFIG_REQUEST( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_NETWORK_CONFIG_REQUEST(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_NETWORK_CONFIG( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_NETWORK_CONFIG(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_MULTICAST_GATHER( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_MULTICAST_GATHER(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_MULTICAST_FRAME_deprecated( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } -bool VL2::m_MULTICAST_FRAME_deprecated(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) -{ -} - -bool VL2::m_MULTICAST(CallContext& cc, const uint64_t packetId, const unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize) +bool VL2::m_MULTICAST( + CallContext &cc, const uint64_t packetId, const unsigned int auth, const SharedPtr &path, + SharedPtr &peer, Buf &pkt, int packetSize) { } diff --git a/core/VL2.hpp b/core/VL2.hpp index 0c34f849b..6133013e2 100644 --- a/core/VL2.hpp +++ b/core/VL2.hpp @@ -36,7 +36,7 @@ class VL2 { friend class VL1; public: - explicit VL2(const Context& ctx); + explicit VL2(const Context &ctx); /** * Called when a packet comes from a local Ethernet tap @@ -49,21 +49,41 @@ class VL2 { * @param data Ethernet payload * @param len Frame length */ - void onLocalEthernet(CallContext& cc, const SharedPtr& network, const MAC& from, const MAC& to, unsigned int etherType, unsigned int vlanId, SharedPtr& data, unsigned int len); + void onLocalEthernet( + CallContext &cc, const SharedPtr &network, const MAC &from, const MAC &to, unsigned int etherType, + unsigned int vlanId, SharedPtr &data, unsigned int len); protected: - bool m_FRAME(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_EXT_FRAME(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_MULTICAST_LIKE(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_NETWORK_CREDENTIALS(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_NETWORK_CONFIG_REQUEST(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_NETWORK_CONFIG(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_MULTICAST_GATHER(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_MULTICAST_FRAME_deprecated(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); - bool m_MULTICAST(CallContext& cc, uint64_t packetId, unsigned int auth, const SharedPtr& path, SharedPtr& peer, Buf& pkt, int packetSize); + bool m_FRAME( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_EXT_FRAME( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_MULTICAST_LIKE( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_NETWORK_CREDENTIALS( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_NETWORK_CONFIG_REQUEST( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_NETWORK_CONFIG( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_MULTICAST_GATHER( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_MULTICAST_FRAME_deprecated( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); + bool m_MULTICAST( + CallContext &cc, uint64_t packetId, unsigned int auth, const SharedPtr &path, SharedPtr &peer, + Buf &pkt, int packetSize); private: - const Context& m_ctx; + const Context &m_ctx; }; } // namespace ZeroTier diff --git a/core/version.h.in b/core/version.h.in index cc43aed1b..0b2ec2501 100644 --- a/core/version.h.in +++ b/core/version.h.in @@ -17,17 +17,17 @@ /** * Major version */ -#define ZEROTIER_VERSION_MAJOR @ZEROTIER_VERSION_MAJOR@ +#define ZEROTIER_VERSION_MAJOR @ZEROTIER_VERSION_MAJOR @ /** * Minor version */ -#define ZEROTIER_VERSION_MINOR @ZEROTIER_VERSION_MINOR@ +#define ZEROTIER_VERSION_MINOR @ZEROTIER_VERSION_MINOR @ /** * Revision */ -#define ZEROTIER_VERSION_REVISION @ZEROTIER_VERSION_REVISION@ +#define ZEROTIER_VERSION_REVISION @ZEROTIER_VERSION_REVISION @ /** * Build version @@ -36,6 +36,6 @@ * to force a minor update without an actual version number change. It's * not part of the actual release version number. */ -#define ZEROTIER_VERSION_BUILD @ZEROTIER_VERSION_BUILD@ +#define ZEROTIER_VERSION_BUILD @ZEROTIER_VERSION_BUILD @ #endif diff --git a/core/zerotier.h b/core/zerotier.h index cfa9abec2..61223a7ee 100644 --- a/core/zerotier.h +++ b/core/zerotier.h @@ -259,7 +259,7 @@ extern "C" { */ enum ZT_IdentityType { ZT_IDENTITY_TYPE_C25519 = 0, /* C25519/Ed25519 */ - ZT_IDENTITY_TYPE_P384 = 1 /* Combined C25519/NIST-P-384 key */ + ZT_IDENTITY_TYPE_P384 = 1 /* Combined C25519/NIST-P-384 key */ }; /** @@ -291,14 +291,14 @@ typedef struct { * IP scope types as identified by InetAddress. */ enum ZT_InetAddress_IpScope { - ZT_IP_SCOPE_NONE = 0, // NULL or not an IP address - ZT_IP_SCOPE_MULTICAST = 1, // 224.0.0.0 and other V4/V6 multicast IPs - ZT_IP_SCOPE_LOOPBACK = 2, // 127.0.0.1, ::1, etc. + ZT_IP_SCOPE_NONE = 0, // NULL or not an IP address + ZT_IP_SCOPE_MULTICAST = 1, // 224.0.0.0 and other V4/V6 multicast IPs + ZT_IP_SCOPE_LOOPBACK = 2, // 127.0.0.1, ::1, etc. ZT_IP_SCOPE_PSEUDOPRIVATE = 3, // 28.x.x.x, etc. -- unofficially unrouted IPv4 blocks often "bogarted" - ZT_IP_SCOPE_GLOBAL = 4, // globally routable IP address (all others) - ZT_IP_SCOPE_LINK_LOCAL = 5, // 169.254.x.x, IPv6 LL - ZT_IP_SCOPE_SHARED = 6, // currently unused, formerly used for carrier-grade NAT ranges - ZT_IP_SCOPE_PRIVATE = 7 // 10.x.x.x, 192.168.x.x, etc. + ZT_IP_SCOPE_GLOBAL = 4, // globally routable IP address (all others) + ZT_IP_SCOPE_LINK_LOCAL = 5, // 169.254.x.x, IPv6 LL + ZT_IP_SCOPE_SHARED = 6, // currently unused, formerly used for carrier-grade NAT ranges + ZT_IP_SCOPE_PRIVATE = 7 // 10.x.x.x, 192.168.x.x, etc. }; /** @@ -528,12 +528,12 @@ typedef struct { /** * Identity (never NULL) */ - const ZT_Identity* identity; + const ZT_Identity *identity; /** * Locator (NULL if no locator included) */ - const ZT_Locator* locator; + const ZT_Locator *locator; } ZT_Certificate_Identity; /** @@ -563,17 +563,17 @@ typedef struct { /** * Identities and optional locators of nodes */ - ZT_Certificate_Identity* identities; + ZT_Certificate_Identity *identities; /** * Networks owned by this entity */ - ZT_Certificate_Network* networks; + ZT_Certificate_Network *networks; /** * URLs that can be consulted for updates to this certificate. */ - const char** updateURLs; + const char **updateURLs; /** * Number of identities @@ -701,7 +701,7 @@ typedef struct { /** * Extended attributes set by issuer (in Dictionary format, NULL if none) */ - const uint8_t* extendedAttributes; + const uint8_t *extendedAttributes; /** * Size of extended attributes field in bytes @@ -775,17 +775,17 @@ typedef struct { /** * Function that is called to free this list (called by ZT_freeQueryResult) */ - void (*freeFunction)(const void*); + void (*freeFunction)(const void *); /** * Array of pointers to certificates */ - const ZT_Certificate* const* certs; + const ZT_Certificate *const *certs; /** * Array of local trust flags for each certificate */ - const unsigned int* localTrust; + const unsigned int *localTrust; /** * Number of certificates @@ -796,7 +796,14 @@ typedef struct { /** * Credential type IDs */ -enum ZT_CredentialType { ZT_CREDENTIAL_TYPE_NULL = 0, ZT_CREDENTIAL_TYPE_COM = 1, ZT_CREDENTIAL_TYPE_CAPABILITY = 2, ZT_CREDENTIAL_TYPE_TAG = 3, ZT_CREDENTIAL_TYPE_COO = 4, ZT_CREDENTIAL_TYPE_REVOCATION = 6 }; +enum ZT_CredentialType { + ZT_CREDENTIAL_TYPE_NULL = 0, + ZT_CREDENTIAL_TYPE_COM = 1, + ZT_CREDENTIAL_TYPE_CAPABILITY = 2, + ZT_CREDENTIAL_TYPE_TAG = 3, + ZT_CREDENTIAL_TYPE_COO = 4, + ZT_CREDENTIAL_TYPE_REVOCATION = 6 +}; /** * Endpoint address and protocol types @@ -808,15 +815,15 @@ enum ZT_CredentialType { ZT_CREDENTIAL_TYPE_NULL = 0, ZT_CREDENTIAL_TYPE_COM = 1 * for future use. */ enum ZT_EndpointType { - ZT_ENDPOINT_TYPE_NIL = 0, /* Nil/empty endpoint */ - ZT_ENDPOINT_TYPE_ZEROTIER = 1, /* ZeroTier relaying (address+fingerprint) */ - ZT_ENDPOINT_TYPE_ETHERNET = 2, /* Ethernet with ethertype 0x9993 */ + ZT_ENDPOINT_TYPE_NIL = 0, /* Nil/empty endpoint */ + ZT_ENDPOINT_TYPE_ZEROTIER = 1, /* ZeroTier relaying (address+fingerprint) */ + ZT_ENDPOINT_TYPE_ETHERNET = 2, /* Ethernet with ethertype 0x9993 */ ZT_ENDPOINT_TYPE_WIFI_DIRECT = 3, /* Ethernet using WiFi direct */ - ZT_ENDPOINT_TYPE_BLUETOOTH = 4, /* Bluetooth (same address type as Ethernet) */ - ZT_ENDPOINT_TYPE_IP = 5, /* Naked IP (protocol 193) */ - ZT_ENDPOINT_TYPE_IP_UDP = 6, /* IP/UDP (the default and original) */ - ZT_ENDPOINT_TYPE_IP_TCP = 7, /* IP/TCP */ - ZT_ENDPOINT_TYPE_IP_TCP_WS = 8 /* IP/TCP web sockets */ + ZT_ENDPOINT_TYPE_BLUETOOTH = 4, /* Bluetooth (same address type as Ethernet) */ + ZT_ENDPOINT_TYPE_IP = 5, /* Naked IP (protocol 193) */ + ZT_ENDPOINT_TYPE_IP_UDP = 6, /* IP/UDP (the default and original) */ + ZT_ENDPOINT_TYPE_IP_TCP = 7, /* IP/TCP */ + ZT_ENDPOINT_TYPE_IP_TCP_WS = 8 /* IP/TCP web sockets */ }; /** @@ -850,15 +857,15 @@ enum ZT_EndpointType { * All trace event structures start with a size and type. */ enum ZT_TraceEventType { - ZT_TRACE_UNEXPECTED_ERROR = 0, - ZT_TRACE_VL1_RESETTING_PATHS_IN_SCOPE = 1, - ZT_TRACE_VL1_TRYING_NEW_PATH = 2, - ZT_TRACE_VL1_LEARNED_NEW_PATH = 3, - ZT_TRACE_VL1_INCOMING_PACKET_DROPPED = 4, - ZT_TRACE_VL2_OUTGOING_FRAME_DROPPED = 100, - ZT_TRACE_VL2_INCOMING_FRAME_DROPPED = 101, - ZT_TRACE_VL2_NETWORK_CONFIG_REQUESTED = 102, - ZT_TRACE_VL2_NETWORK_FILTER = 103, + ZT_TRACE_UNEXPECTED_ERROR = 0, + ZT_TRACE_VL1_RESETTING_PATHS_IN_SCOPE = 1, + ZT_TRACE_VL1_TRYING_NEW_PATH = 2, + ZT_TRACE_VL1_LEARNED_NEW_PATH = 3, + ZT_TRACE_VL1_INCOMING_PACKET_DROPPED = 4, + ZT_TRACE_VL2_OUTGOING_FRAME_DROPPED = 100, + ZT_TRACE_VL2_INCOMING_FRAME_DROPPED = 101, + ZT_TRACE_VL2_NETWORK_CONFIG_REQUESTED = 102, + ZT_TRACE_VL2_NETWORK_FILTER = 103, ZT_TRACE_VL2_NETWORK_CREDENTIAL_REJECTED = 104, }; @@ -866,29 +873,29 @@ enum ZT_TraceEventType { * Trace VL1 packet drop reasons */ enum ZT_TracePacketDropReason { - ZT_TRACE_PACKET_DROP_REASON_UNSPECIFIED = 0, - ZT_TRACE_PACKET_DROP_REASON_PEER_TOO_OLD = 1, - ZT_TRACE_PACKET_DROP_REASON_MALFORMED_PACKET = 2, - ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED = 3, - ZT_TRACE_PACKET_DROP_REASON_RATE_LIMIT_EXCEEDED = 4, - ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT = 5, + ZT_TRACE_PACKET_DROP_REASON_UNSPECIFIED = 0, + ZT_TRACE_PACKET_DROP_REASON_PEER_TOO_OLD = 1, + ZT_TRACE_PACKET_DROP_REASON_MALFORMED_PACKET = 2, + ZT_TRACE_PACKET_DROP_REASON_MAC_FAILED = 3, + ZT_TRACE_PACKET_DROP_REASON_RATE_LIMIT_EXCEEDED = 4, + ZT_TRACE_PACKET_DROP_REASON_INVALID_OBJECT = 5, ZT_TRACE_PACKET_DROP_REASON_INVALID_COMPRESSED_DATA = 6, - ZT_TRACE_PACKET_DROP_REASON_UNRECOGNIZED_VERB = 7, - ZT_TRACE_PACKET_DROP_REASON_REPLY_NOT_EXPECTED = 8 + ZT_TRACE_PACKET_DROP_REASON_UNRECOGNIZED_VERB = 7, + ZT_TRACE_PACKET_DROP_REASON_REPLY_NOT_EXPECTED = 8 }; /** * Trace VL2 frame drop reasons */ enum ZT_TraceFrameDropReason { - ZT_TRACE_FRAME_DROP_REASON_UNSPECIFIED = 0, - ZT_TRACE_FRAME_DROP_REASON_BRIDGING_NOT_ALLOWED_REMOTE = 1, - ZT_TRACE_FRAME_DROP_REASON_BRIDGING_NOT_ALLOWED_LOCAL = 2, - ZT_TRACE_FRAME_DROP_REASON_MULTICAST_DISABLED = 3, - ZT_TRACE_FRAME_DROP_REASON_BROADCAST_DISABLED = 4, - ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED = 5, + ZT_TRACE_FRAME_DROP_REASON_UNSPECIFIED = 0, + ZT_TRACE_FRAME_DROP_REASON_BRIDGING_NOT_ALLOWED_REMOTE = 1, + ZT_TRACE_FRAME_DROP_REASON_BRIDGING_NOT_ALLOWED_LOCAL = 2, + ZT_TRACE_FRAME_DROP_REASON_MULTICAST_DISABLED = 3, + ZT_TRACE_FRAME_DROP_REASON_BROADCAST_DISABLED = 4, + ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED = 5, ZT_TRACE_FRAME_DROP_REASON_FILTER_BLOCKED_AT_BRIDGE_REPLICATION = 6, - ZT_TRACE_FRAME_DROP_REASON_PERMISSION_DENIED = 7 + ZT_TRACE_FRAME_DROP_REASON_PERMISSION_DENIED = 7 }; /** @@ -896,9 +903,9 @@ enum ZT_TraceFrameDropReason { */ enum ZT_TraceCredentialRejectionReason { ZT_TRACE_CREDENTIAL_REJECTION_REASON_SIGNATURE_VERIFICATION_FAILED = 1, - ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED = 2, - ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST = 3, - ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID = 4 + ZT_TRACE_CREDENTIAL_REJECTION_REASON_REVOKED = 2, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_OLDER_THAN_LATEST = 3, + ZT_TRACE_CREDENTIAL_REJECTION_REASON_INVALID = 4 }; #define ZT_TRACE_FIELD_TYPE "t" @@ -1103,7 +1110,7 @@ typedef struct { /** * Identity of sender */ - const ZT_Identity* id; + const ZT_Identity *id; /** * User message type ID @@ -1113,7 +1120,7 @@ typedef struct { /** * User message data */ - const void* data; + const void *data; /** * Length of data in bytes @@ -1133,21 +1140,21 @@ typedef struct { /** * Actual identity object for this node */ - const ZT_Identity* identity; + const ZT_Identity *identity; /** * Public identity in string-serialized form (safe to send to others) * * This pointer will remain valid as long as the node exists. */ - const char* publicIdentity; + const char *publicIdentity; /** * Full identity including secret key in string-serialized form * * This pointer will remain valid as long as the node exists. */ - const char* secretIdentity; + const char *secretIdentity; /** * True if some kind of connectivity appears available @@ -1250,33 +1257,33 @@ enum ZT_VirtualNetworkRuleType { // 16 to 63 reserved for match criteria ZT_NETWORK_RULE_MATCH_SOURCE_ZEROTIER_ADDRESS = 24, - ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS = 25, - ZT_NETWORK_RULE_MATCH_VLAN_ID = 26, - ZT_NETWORK_RULE_MATCH_VLAN_PCP = 27, - ZT_NETWORK_RULE_MATCH_VLAN_DEI = 28, - ZT_NETWORK_RULE_MATCH_MAC_SOURCE = 29, - ZT_NETWORK_RULE_MATCH_MAC_DEST = 30, - ZT_NETWORK_RULE_MATCH_IPV4_SOURCE = 31, - ZT_NETWORK_RULE_MATCH_IPV4_DEST = 32, - ZT_NETWORK_RULE_MATCH_IPV6_SOURCE = 33, - ZT_NETWORK_RULE_MATCH_IPV6_DEST = 34, - ZT_NETWORK_RULE_MATCH_IP_TOS = 35, - ZT_NETWORK_RULE_MATCH_IP_PROTOCOL = 36, - ZT_NETWORK_RULE_MATCH_ETHERTYPE = 37, - ZT_NETWORK_RULE_MATCH_ICMP = 38, - ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE = 39, - ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE = 40, - ZT_NETWORK_RULE_MATCH_CHARACTERISTICS = 41, - ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE = 42, - ZT_NETWORK_RULE_MATCH_RANDOM = 43, - ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE = 44, - ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND = 45, - ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR = 46, - ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR = 47, - ZT_NETWORK_RULE_MATCH_TAGS_EQUAL = 48, - ZT_NETWORK_RULE_MATCH_TAG_SENDER = 49, - ZT_NETWORK_RULE_MATCH_TAG_RECEIVER = 50, - ZT_NETWORK_RULE_MATCH_INTEGER_RANGE = 51, + ZT_NETWORK_RULE_MATCH_DEST_ZEROTIER_ADDRESS = 25, + ZT_NETWORK_RULE_MATCH_VLAN_ID = 26, + ZT_NETWORK_RULE_MATCH_VLAN_PCP = 27, + ZT_NETWORK_RULE_MATCH_VLAN_DEI = 28, + ZT_NETWORK_RULE_MATCH_MAC_SOURCE = 29, + ZT_NETWORK_RULE_MATCH_MAC_DEST = 30, + ZT_NETWORK_RULE_MATCH_IPV4_SOURCE = 31, + ZT_NETWORK_RULE_MATCH_IPV4_DEST = 32, + ZT_NETWORK_RULE_MATCH_IPV6_SOURCE = 33, + ZT_NETWORK_RULE_MATCH_IPV6_DEST = 34, + ZT_NETWORK_RULE_MATCH_IP_TOS = 35, + ZT_NETWORK_RULE_MATCH_IP_PROTOCOL = 36, + ZT_NETWORK_RULE_MATCH_ETHERTYPE = 37, + ZT_NETWORK_RULE_MATCH_ICMP = 38, + ZT_NETWORK_RULE_MATCH_IP_SOURCE_PORT_RANGE = 39, + ZT_NETWORK_RULE_MATCH_IP_DEST_PORT_RANGE = 40, + ZT_NETWORK_RULE_MATCH_CHARACTERISTICS = 41, + ZT_NETWORK_RULE_MATCH_FRAME_SIZE_RANGE = 42, + ZT_NETWORK_RULE_MATCH_RANDOM = 43, + ZT_NETWORK_RULE_MATCH_TAGS_DIFFERENCE = 44, + ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_AND = 45, + ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_OR = 46, + ZT_NETWORK_RULE_MATCH_TAGS_BITWISE_XOR = 47, + ZT_NETWORK_RULE_MATCH_TAGS_EQUAL = 48, + ZT_NETWORK_RULE_MATCH_TAG_SENDER = 49, + ZT_NETWORK_RULE_MATCH_TAG_RECEIVER = 50, + ZT_NETWORK_RULE_MATCH_INTEGER_RANGE = 51, /** * Maximum ID allowed for a MATCH entry in the rules table @@ -1340,7 +1347,8 @@ typedef struct { uint64_t start; /* integer range start */ uint32_t end; /* end of integer range (relative to start, inclusive, 0 for equality w/start) */ uint16_t idx; /* index in packet of integer */ - uint8_t format; /* bits in integer (range 1-64, ((format&63)+1)) and endianness (MSB 1 for little, 0 for big) */ + uint8_t + format; /* bits in integer (range 1-64, ((format&63)+1)) and endianness (MSB 1 for little, 0 for big) */ } intRange; /** @@ -1588,9 +1596,9 @@ typedef struct { * A list of networks */ typedef struct { - void (*freeFunction)(const void*); + void (*freeFunction)(const void *); - ZT_VirtualNetworkConfig* networks; + ZT_VirtualNetworkConfig *networks; unsigned long networkCount; } ZT_VirtualNetworkList; @@ -1699,12 +1707,12 @@ typedef struct { /** * Peer identity */ - const ZT_Identity* identity; + const ZT_Identity *identity; /** * SHA-384 of identity public key(s) */ - const ZT_Fingerprint* fingerprint; + const ZT_Fingerprint *fingerprint; /** * Remote major version or -1 if not known @@ -1739,7 +1747,7 @@ typedef struct { /** * Network IDs for networks (array size: networkCount) */ - uint64_t* networks; + uint64_t *networks; /** * Number of networks in which this peer is authenticated @@ -1753,7 +1761,7 @@ typedef struct { * but those would not appear here. Right now those can only be relaying via * a root. */ - ZT_Path* paths; + ZT_Path *paths; /** * Number of paths (size of paths[]) @@ -1768,16 +1776,16 @@ typedef struct { /** * Serialized locator or NULL if none */ - const void* locator; + const void *locator; } ZT_Peer; /** * List of peers */ typedef struct { - void (*freeFunction)(const void*); + void (*freeFunction)(const void *); - ZT_Peer* peers; + ZT_Peer *peers; unsigned long peerCount; } ZT_PeerList; @@ -1885,13 +1893,13 @@ typedef void ZT_Node; * driven environments. */ typedef void (*ZT_VirtualNetworkConfigFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ uint64_t, /* Network ID */ - void**, /* Modifiable network user PTR */ + void **, /* Modifiable network user PTR */ enum ZT_VirtualNetworkConfigOperation, /* Config operation */ - const ZT_VirtualNetworkConfig*); /* Network configuration */ + const ZT_VirtualNetworkConfig *); /* Network configuration */ /** * Function to send a frame out to a virtual network port @@ -1901,16 +1909,16 @@ typedef void (*ZT_VirtualNetworkConfigFunction)( * (9) frame length. */ typedef void (*ZT_VirtualNetworkFrameFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ uint64_t, /* Network ID */ - void**, /* Modifiable network user PTR */ + void **, /* Modifiable network user PTR */ uint64_t, /* Source MAC */ uint64_t, /* Destination MAC */ unsigned int, /* Ethernet type */ unsigned int, /* VLAN ID (0 for none) */ - const void*, /* Frame data */ + const void *, /* Frame data */ unsigned int); /* Frame length */ /** @@ -1923,11 +1931,11 @@ typedef void (*ZT_VirtualNetworkFrameFunction)( * in the definition of ZT_Event. */ typedef void (*ZT_EventCallback)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ enum ZT_Event, /* Event type */ - const void*, /* Event payload (if applicable) */ + const void *, /* Event payload (if applicable) */ unsigned int); /* Size of event payload */ /** @@ -1940,13 +1948,13 @@ typedef void (*ZT_EventCallback)( * deleted. */ typedef void (*ZT_StatePutFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ enum ZT_StateObjectType, /* State object type */ - const uint64_t*, /* State object ID (if applicable) */ + const uint64_t *, /* State object ID (if applicable) */ unsigned int, /* Length of state object ID in quads */ - const void*, /* State object data */ + const void *, /* State object data */ int); /* Length of data or -1 to delete */ /** @@ -1959,14 +1967,14 @@ typedef void (*ZT_StatePutFunction)( * with it. This is very often just a pointer to free(). */ typedef int (*ZT_StateGetFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ enum ZT_StateObjectType, /* State object type */ - const uint64_t*, /* State object ID (if applicable) */ + const uint64_t *, /* State object ID (if applicable) */ unsigned int, /* Length of object ID in quads */ - void**, /* Result parameter: data */ - void (**)(void*)); /* Result parameter: data free function */ + void **, /* Result parameter: data */ + void (**)(void *)); /* Result parameter: data free function */ /** * Function to send a ZeroTier packet out over the physical wire (L2/L3) @@ -1984,14 +1992,14 @@ typedef int (*ZT_StateGetFunction)( * delivery. It only means that the packet appears to have been sent. */ typedef int (*ZT_WirePacketSendFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ - int64_t, /* Local socket */ - const ZT_InetAddress*, /* Remote address */ - const void*, /* Packet data */ - unsigned int, /* Packet length */ - unsigned int); /* TTL or 0 to use default */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ + int64_t, /* Local socket */ + const ZT_InetAddress *, /* Remote address */ + const void *, /* Packet data */ + unsigned int, /* Packet length */ + unsigned int); /* TTL or 0 to use default */ /** * Function to check whether a path should be used for ZeroTier traffic @@ -2016,13 +2024,13 @@ typedef int (*ZT_WirePacketSendFunction)( * interface (recursion). */ typedef int (*ZT_PathCheckFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ - uint64_t, /* ZeroTier address */ - const ZT_Identity*, /* Full identity of node */ - int64_t, /* Local socket or -1 if unknown */ - const ZT_InetAddress*); /* Remote address */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ + uint64_t, /* ZeroTier address */ + const ZT_Identity *, /* Full identity of node */ + int64_t, /* Local socket or -1 if unknown */ + const ZT_InetAddress *); /* Remote address */ /** * Function to get physical addresses for ZeroTier peers @@ -2041,13 +2049,13 @@ typedef int (*ZT_PathCheckFunction)( * with an address. */ typedef int (*ZT_PathLookupFunction)( - ZT_Node*, /* Node */ - void*, /* User ptr */ - void*, /* Thread ptr */ - uint64_t, /* ZeroTier address (40 bits) */ - const ZT_Identity*, /* Full identity of node */ - int, /* Desired ss_family or -1 for any */ - ZT_InetAddress*); /* Result buffer */ + ZT_Node *, /* Node */ + void *, /* User ptr */ + void *, /* Thread ptr */ + uint64_t, /* ZeroTier address (40 bits) */ + const ZT_Identity *, /* Full identity of node */ + int, /* Desired ss_family or -1 for any */ + ZT_InetAddress *); /* Result buffer */ /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2108,14 +2116,14 @@ struct ZT_Node_Callbacks { * * @return Pointer to I/O buffer */ -ZT_SDK_API void* ZT_getBuffer(); +ZT_SDK_API void *ZT_getBuffer(); /** * Free an unused buffer obtained via getBuffer * * @param b Buffer to free */ -ZT_SDK_API void ZT_freeBuffer(void* b); +ZT_SDK_API void ZT_freeBuffer(void *b); /** * Free a query result buffer @@ -2125,7 +2133,7 @@ ZT_SDK_API void ZT_freeBuffer(void* b); * * @param qr Query result buffer */ -ZT_SDK_API void ZT_freeQueryResult(const void* qr); +ZT_SDK_API void ZT_freeQueryResult(const void *qr); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2142,7 +2150,8 @@ ZT_SDK_API void ZT_freeQueryResult(const void* qr); * @param callbacks Callback function configuration * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_new(ZT_Node** node, int64_t clock, int64_t ticks, void* tptr, void* uptr, const struct ZT_Node_Callbacks* callbacks); +ZT_SDK_API enum ZT_ResultCode ZT_Node_new( + ZT_Node **node, int64_t clock, int64_t ticks, void *tptr, void *uptr, const struct ZT_Node_Callbacks *callbacks); /** * Delete a node and free all resources it consumes @@ -2150,7 +2159,7 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_new(ZT_Node** node, int64_t clock, int64_t * If you are using multiple threads, all other threads must be shut down * first. This can crash if processXXX() methods are in progress. */ -ZT_SDK_API void ZT_Node_delete(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr); +ZT_SDK_API void ZT_Node_delete(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr); /** * Process a packet received from the physical wire @@ -2164,16 +2173,8 @@ ZT_SDK_API void ZT_Node_delete(ZT_Node* node, int64_t clock, int64_t ticks, void * @return OK (0) or error code if a fatal error condition has occurred */ ZT_SDK_API enum ZT_ResultCode ZT_Node_processWirePacket( - ZT_Node* node, - int64_t clock, - int64_t ticks, - void* tptr, - int64_t localSocket, - const ZT_InetAddress* remoteAddress, - const void* packetData, - unsigned int packetLength, - int isZtBuffer, - volatile int64_t* nextBackgroundTaskDeadline); + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, int64_t localSocket, const ZT_InetAddress *remoteAddress, + const void *packetData, unsigned int packetLength, int isZtBuffer, volatile int64_t *nextBackgroundTaskDeadline); /** * Process a frame from a virtual network port (tap) @@ -2190,19 +2191,9 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_processWirePacket( * @return OK (0) or error code if a fatal error condition has occurred */ ZT_SDK_API enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame( - ZT_Node* node, - int64_t clock, - int64_t ticks, - void* tptr, - uint64_t nwid, - uint64_t sourceMac, - uint64_t destMac, - unsigned int etherType, - unsigned int vlanId, - const void* frameData, - unsigned int frameLength, - int isZtBuffer, - volatile int64_t* nextBackgroundTaskDeadline); + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid, uint64_t sourceMac, uint64_t destMac, + unsigned int etherType, unsigned int vlanId, const void *frameData, unsigned int frameLength, int isZtBuffer, + volatile int64_t *nextBackgroundTaskDeadline); /** * Perform periodic background operations @@ -2211,7 +2202,8 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_processVirtualNetworkFrame( * @param nextBackgroundTaskDeadline Value/result: set to deadline for next call to processBackgroundTasks() * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, volatile int64_t* nextBackgroundTaskDeadline); +ZT_SDK_API enum ZT_ResultCode ZT_Node_processBackgroundTasks( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, volatile int64_t *nextBackgroundTaskDeadline); /** * Join a network @@ -2226,7 +2218,9 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_processBackgroundTasks(ZT_Node* node, int6 * @param fingerprintHash If non-NULL this is the full fingerprint of the controller * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_join(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void* uptr, uint64_t nwid, const ZT_Fingerprint* controllerFingerprint); +ZT_SDK_API enum ZT_ResultCode ZT_Node_join( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, void *uptr, uint64_t nwid, + const ZT_Fingerprint *controllerFingerprint); /** * Leave a network @@ -2240,7 +2234,8 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_join(ZT_Node* node, int64_t clock, int64_t * * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_leave(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, void** uptr, uint64_t nwid); +ZT_SDK_API enum ZT_ResultCode +ZT_Node_leave(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, void **uptr, uint64_t nwid); /** * Subscribe to an Ethernet multicast group @@ -2266,7 +2261,9 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_leave(ZT_Node* node, int64_t clock, int64_ * @param multicastAdi Multicast ADI (least significant 32 bits only, use 0 if not needed) * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi); +ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastSubscribe( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid, uint64_t multicastGroup, + unsigned long multicastAdi); /** * Unsubscribe from an Ethernet multicast group (or all groups) @@ -2281,14 +2278,16 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastSubscribe(ZT_Node* node, int64_t * @param multicastAdi Multicast ADI (least significant 32 bits only, use 0 if not needed) * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastUnsubscribe(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid, uint64_t multicastGroup, unsigned long multicastAdi); +ZT_SDK_API enum ZT_ResultCode ZT_Node_multicastUnsubscribe( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid, uint64_t multicastGroup, + unsigned long multicastAdi); /** * Get this node's 40-bit ZeroTier address * * @return ZeroTier address (least significant 40 bits of 64-bit int) */ -ZT_SDK_API uint64_t ZT_Node_address(ZT_Node* node); +ZT_SDK_API uint64_t ZT_Node_address(ZT_Node *node); /** * Get this node's identity @@ -2298,14 +2297,14 @@ ZT_SDK_API uint64_t ZT_Node_address(ZT_Node* node); * * @return Identity */ -ZT_SDK_API const ZT_Identity* ZT_Node_identity(ZT_Node* node); +ZT_SDK_API const ZT_Identity *ZT_Node_identity(ZT_Node *node); /** * Get the status of this node * * @param status Buffer to fill with current node status */ -ZT_SDK_API void ZT_Node_status(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, ZT_NodeStatus* status); +ZT_SDK_API void ZT_Node_status(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, ZT_NodeStatus *status); /** * Get a list of known peer nodes @@ -2315,7 +2314,7 @@ ZT_SDK_API void ZT_Node_status(ZT_Node* node, int64_t clock, int64_t ticks, void * * @return List of known peers or NULL on failure */ -ZT_SDK_API ZT_PeerList* ZT_Node_peers(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr); +ZT_SDK_API ZT_PeerList *ZT_Node_peers(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr); /** * Get the status of a virtual network @@ -2326,7 +2325,8 @@ ZT_SDK_API ZT_PeerList* ZT_Node_peers(ZT_Node* node, int64_t clock, int64_t tick * @param nwid 64-bit network ID * @return Network configuration or NULL if we are not a member of this network */ -ZT_SDK_API ZT_VirtualNetworkConfig* ZT_Node_networkConfig(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t nwid); +ZT_SDK_API ZT_VirtualNetworkConfig * +ZT_Node_networkConfig(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t nwid); /** * Enumerate and get status of all networks @@ -2334,7 +2334,7 @@ ZT_SDK_API ZT_VirtualNetworkConfig* ZT_Node_networkConfig(ZT_Node* node, int64_t * @param node Node instance * @return List of networks or NULL on failure */ -ZT_SDK_API ZT_VirtualNetworkList* ZT_Node_networks(ZT_Node* node); +ZT_SDK_API ZT_VirtualNetworkList *ZT_Node_networks(ZT_Node *node); /** * Set the network-associated user-defined pointer for a given network @@ -2345,7 +2345,7 @@ ZT_SDK_API ZT_VirtualNetworkList* ZT_Node_networks(ZT_Node* node); * @param nwid Network ID * @param ptr New network-associated pointer */ -ZT_SDK_API void ZT_Node_setNetworkUserPtr(ZT_Node* node, uint64_t nwid, void* ptr); +ZT_SDK_API void ZT_Node_setNetworkUserPtr(ZT_Node *node, uint64_t nwid, void *ptr); /** * Set external interface addresses where this node could be reached @@ -2354,7 +2354,8 @@ ZT_SDK_API void ZT_Node_setNetworkUserPtr(ZT_Node* node, uint64_t nwid, void* pt * @param addrs Addresses * @param addrCount Number of items in addrs[] */ -ZT_SDK_API void ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, const ZT_InterfaceAddress* addrs, unsigned int addrCount); +ZT_SDK_API void ZT_Node_setInterfaceAddresses( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, const ZT_InterfaceAddress *addrs, unsigned int addrCount); /** * Add a certificate to this node's certificate store @@ -2368,7 +2369,9 @@ ZT_SDK_API void ZT_Node_setInterfaceAddresses(ZT_Node* node, int64_t clock, int6 * @param certSize Size of certificate binary data, 0 if none * @return Certificate error or ZT_CERTIFICATE_ERROR_NONE on success */ -ZT_SDK_API enum ZT_CertificateError ZT_Node_addCertificate(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, unsigned int localTrust, const ZT_Certificate* cert, const void* certData, unsigned int certSize); +ZT_SDK_API enum ZT_CertificateError ZT_Node_addCertificate( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, unsigned int localTrust, const ZT_Certificate *cert, + const void *certData, unsigned int certSize); /** * Delete a certificate from this node's certificate store @@ -2381,7 +2384,8 @@ ZT_SDK_API enum ZT_CertificateError ZT_Node_addCertificate(ZT_Node* node, int64_ * @param serialNo 48-byte / 384-bit serial number of certificate to delete * @return OK (0) or error code */ -ZT_SDK_API enum ZT_ResultCode ZT_Node_deleteCertificate(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, const void* serialNo); +ZT_SDK_API enum ZT_ResultCode +ZT_Node_deleteCertificate(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, const void *serialNo); /** * List certificates installed in this node's trust store @@ -2389,7 +2393,7 @@ ZT_SDK_API enum ZT_ResultCode ZT_Node_deleteCertificate(ZT_Node* node, int64_t c * @param node Node instance * @return List of certificates or NULL on error */ -ZT_SDK_API ZT_CertificateList* ZT_Node_listCertificates(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr); +ZT_SDK_API ZT_CertificateList *ZT_Node_listCertificates(ZT_Node *node, int64_t clock, int64_t ticks, void *tptr); /** * Send a VERB_USER_MESSAGE to another ZeroTier node @@ -2405,7 +2409,9 @@ ZT_SDK_API ZT_CertificateList* ZT_Node_listCertificates(ZT_Node* node, int64_t c * @param len Length of data in bytes * @return Boolean: non-zero on success, zero on failure */ -ZT_SDK_API int ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t ticks, void* tptr, uint64_t dest, uint64_t typeId, const void* data, unsigned int len); +ZT_SDK_API int ZT_Node_sendUserMessage( + ZT_Node *node, int64_t clock, int64_t ticks, void *tptr, uint64_t dest, uint64_t typeId, const void *data, + unsigned int len); /** * Set a network controller instance for this node @@ -2422,7 +2428,7 @@ ZT_SDK_API int ZT_Node_sendUserMessage(ZT_Node* node, int64_t clock, int64_t tic * @param networkConfigMasterInstance Instance of NetworkConfigMaster C++ class or NULL to disable * @return OK (0) or error code if a fatal error condition has occurred */ -ZT_SDK_API void ZT_Node_setController(ZT_Node* node, void* networkConfigMasterInstance); +ZT_SDK_API void ZT_Node_setController(ZT_Node *node, void *networkConfigMasterInstance); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2436,7 +2442,7 @@ ZT_SDK_API void ZT_Node_setController(ZT_Node* node, void* networkConfigMasterIn * @param type Type of identity to generate * @return New identity or NULL on error */ -ZT_SDK_API ZT_Identity* ZT_Identity_new(enum ZT_IdentityType type); +ZT_SDK_API ZT_Identity *ZT_Identity_new(enum ZT_IdentityType type); /** * Make a copy of an identity @@ -2444,7 +2450,7 @@ ZT_SDK_API ZT_Identity* ZT_Identity_new(enum ZT_IdentityType type); * @param id Identity to copy * @return Copy, must be freed with ZT_Identity_delete. */ -ZT_SDK_API ZT_Identity* ZT_Identity_clone(const ZT_Identity* id); +ZT_SDK_API ZT_Identity *ZT_Identity_clone(const ZT_Identity *id); /** * Create a new identity object from a string-serialized identity @@ -2452,7 +2458,7 @@ ZT_SDK_API ZT_Identity* ZT_Identity_clone(const ZT_Identity* id); * @param idStr Identity in string format * @return Identity object or NULL if the supplied identity string was not valid */ -ZT_SDK_API ZT_Identity* ZT_Identity_fromString(const char* idStr); +ZT_SDK_API ZT_Identity *ZT_Identity_fromString(const char *idStr); /** * Validate this identity @@ -2461,7 +2467,7 @@ ZT_SDK_API ZT_Identity* ZT_Identity_fromString(const char* idStr); * * @return Non-zero if identity is valid */ -ZT_SDK_API int ZT_Identity_validate(const ZT_Identity* id); +ZT_SDK_API int ZT_Identity_validate(const ZT_Identity *id); /** * Sign a data object with this identity @@ -2475,7 +2481,8 @@ ZT_SDK_API int ZT_Identity_validate(const ZT_Identity* id); * @param signatureBufferLength Length of buffer (must be at least 96 bytes) * @return Length of signature in bytes or 0 on failure. */ -ZT_SDK_API unsigned int ZT_Identity_sign(const ZT_Identity* id, const void* data, unsigned int len, void* signature, unsigned int signatureBufferLength); +ZT_SDK_API unsigned int ZT_Identity_sign( + const ZT_Identity *id, const void *data, unsigned int len, void *signature, unsigned int signatureBufferLength); /** * Verify a signature @@ -2487,7 +2494,8 @@ ZT_SDK_API unsigned int ZT_Identity_sign(const ZT_Identity* id, const void* data * @param sigLen Length of signature in bytes * @return Non-zero if signature is valid */ -ZT_SDK_API int ZT_Identity_verify(const ZT_Identity* id, const void* data, unsigned int len, const void* signature, unsigned int sigLen); +ZT_SDK_API int ZT_Identity_verify( + const ZT_Identity *id, const void *data, unsigned int len, const void *signature, unsigned int sigLen); /** * Get identity type @@ -2495,7 +2503,7 @@ ZT_SDK_API int ZT_Identity_verify(const ZT_Identity* id, const void* data, unsig * @param id Identity to query * @return Identity type code */ -ZT_SDK_API enum ZT_IdentityType ZT_Identity_type(const ZT_Identity* id); +ZT_SDK_API enum ZT_IdentityType ZT_Identity_type(const ZT_Identity *id); /** * Convert an identity to its string representation @@ -2506,7 +2514,7 @@ ZT_SDK_API enum ZT_IdentityType ZT_Identity_type(const ZT_Identity* id); * @param includePrivate If true include the private key if present * @return Pointer to buf or NULL on overflow or other error */ -ZT_SDK_API char* ZT_Identity_toString(const ZT_Identity* id, char* buf, int capacity, int includePrivate); +ZT_SDK_API char *ZT_Identity_toString(const ZT_Identity *id, char *buf, int capacity, int includePrivate); /** * Check whether this identity object also holds a private key @@ -2514,7 +2522,7 @@ ZT_SDK_API char* ZT_Identity_toString(const ZT_Identity* id, char* buf, int capa * @param id Identity to query * @return Non-zero if a private key is held */ -ZT_SDK_API int ZT_Identity_hasPrivate(const ZT_Identity* id); +ZT_SDK_API int ZT_Identity_hasPrivate(const ZT_Identity *id); /** * Get the ZeroTier address associated with this identity @@ -2522,7 +2530,7 @@ ZT_SDK_API int ZT_Identity_hasPrivate(const ZT_Identity* id); * @param id Identity to query * @return ZeroTier address (only least significant 40 bits are meaningful, rest will be 0) */ -ZT_SDK_API uint64_t ZT_Identity_address(const ZT_Identity* id); +ZT_SDK_API uint64_t ZT_Identity_address(const ZT_Identity *id); /** * Get this identity's full fingerprint @@ -2530,7 +2538,7 @@ ZT_SDK_API uint64_t ZT_Identity_address(const ZT_Identity* id); * @param id Identity to query * @return Pointer to fingerprint (remains valid as long as identity itself is valid) */ -ZT_SDK_API const ZT_Fingerprint* ZT_Identity_fingerprint(const ZT_Identity* id); +ZT_SDK_API const ZT_Fingerprint *ZT_Identity_fingerprint(const ZT_Identity *id); /** * Compare two identities @@ -2539,7 +2547,7 @@ ZT_SDK_API const ZT_Fingerprint* ZT_Identity_fingerprint(const ZT_Identity* id); * @param b Second identity * @return -1, 0, or 1 if a is less than, equal to, or greater than b */ -ZT_SDK_API int ZT_Identity_compare(const ZT_Identity* a, const ZT_Identity* b); +ZT_SDK_API int ZT_Identity_compare(const ZT_Identity *a, const ZT_Identity *b); /** * Delete an identity and free associated memory @@ -2549,7 +2557,7 @@ ZT_SDK_API int ZT_Identity_compare(const ZT_Identity* a, const ZT_Identity* b); * * @param id Identity to delete */ -ZT_SDK_API void ZT_Identity_delete(const ZT_Identity* id); +ZT_SDK_API void ZT_Identity_delete(const ZT_Identity *id); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2561,7 +2569,7 @@ ZT_SDK_API void ZT_Identity_delete(const ZT_Identity* id); * @param capacity Capacity of buffer * @return String or NULL on error */ -ZT_SDK_API char* ZT_Endpoint_toString(const ZT_Endpoint* ep, char* buf, int capacity); +ZT_SDK_API char *ZT_Endpoint_toString(const ZT_Endpoint *ep, char *buf, int capacity); /** * Parse an endpoint as a string @@ -2574,7 +2582,7 @@ ZT_SDK_API char* ZT_Endpoint_toString(const ZT_Endpoint* ep, char* buf, int capa * @param str String representation of endpoint * @return OK (0) or error code */ -ZT_SDK_API int ZT_Endpoint_fromString(ZT_Endpoint* ep, const char* str); +ZT_SDK_API int ZT_Endpoint_fromString(ZT_Endpoint *ep, const char *str); /** * Decode a binary serialized endpoint @@ -2584,7 +2592,7 @@ ZT_SDK_API int ZT_Endpoint_fromString(ZT_Endpoint* ep, const char* str); * @param len Length of bytes * @return OK (0) or error code */ -ZT_SDK_API int ZT_Endpoint_fromBytes(ZT_Endpoint* ep, const void* bytes, unsigned int len); +ZT_SDK_API int ZT_Endpoint_fromBytes(ZT_Endpoint *ep, const void *bytes, unsigned int len); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2601,7 +2609,9 @@ ZT_SDK_API int ZT_Endpoint_fromBytes(ZT_Endpoint* ep, const void* bytes, unsigne * @param signer Identity to sign locator (must include private key) * @return Locator or NULL on error (too many endpoints or identity does not have private key) */ -ZT_SDK_API ZT_Locator* ZT_Locator_create(int64_t rev, const ZT_Endpoint* endpoints, const ZT_EndpointAttributes* endpointAttributes, unsigned int endpointCount, const ZT_Identity* signer); +ZT_SDK_API ZT_Locator *ZT_Locator_create( + int64_t rev, const ZT_Endpoint *endpoints, const ZT_EndpointAttributes *endpointAttributes, + unsigned int endpointCount, const ZT_Identity *signer); /** * Decode a serialized locator @@ -2610,7 +2620,7 @@ ZT_SDK_API ZT_Locator* ZT_Locator_create(int64_t rev, const ZT_Endpoint* endpoin * @param len Length of data * @return Locator or NULL if data is not valid */ -ZT_SDK_API ZT_Locator* ZT_Locator_unmarshal(const void* data, unsigned int len); +ZT_SDK_API ZT_Locator *ZT_Locator_unmarshal(const void *data, unsigned int len); /** * Decode a locator from string format @@ -2618,7 +2628,7 @@ ZT_SDK_API ZT_Locator* ZT_Locator_unmarshal(const void* data, unsigned int len); * @param str String format locator * @return Locator or NULL if string is not valid */ -ZT_SDK_API ZT_Locator* ZT_Locator_fromString(const char* str); +ZT_SDK_API ZT_Locator *ZT_Locator_fromString(const char *str); /** * Serialize this locator into a buffer @@ -2628,7 +2638,7 @@ ZT_SDK_API ZT_Locator* ZT_Locator_fromString(const char* str); * @param bufSize Size of buffer in bytes (needs to be at least 2048 bytes in size) * @return Number of bytes stored to buf or -1 on error such as buffer too small */ -ZT_SDK_API int ZT_Locator_marshal(const ZT_Locator* loc, void* buf, unsigned int bufSize); +ZT_SDK_API int ZT_Locator_marshal(const ZT_Locator *loc, void *buf, unsigned int bufSize); /** * Get this locator in string format @@ -2638,7 +2648,7 @@ ZT_SDK_API int ZT_Locator_marshal(const ZT_Locator* loc, void* buf, unsigned int * @param capacity Capacity of buffer in bytes (recommended size: 4096) * @return Pointer to buffer or NULL if an error occurs */ -ZT_SDK_API char* ZT_Locator_toString(const ZT_Locator* loc, char* buf, int capacity); +ZT_SDK_API char *ZT_Locator_toString(const ZT_Locator *loc, char *buf, int capacity); /** * Get a locator's revision @@ -2646,7 +2656,7 @@ ZT_SDK_API char* ZT_Locator_toString(const ZT_Locator* loc, char* buf, int capac * @param loc Locator to query * @return Locator revision */ -ZT_SDK_API int64_t ZT_Locator_revision(const ZT_Locator* loc); +ZT_SDK_API int64_t ZT_Locator_revision(const ZT_Locator *loc); /** * Get a locator's signer @@ -2654,7 +2664,7 @@ ZT_SDK_API int64_t ZT_Locator_revision(const ZT_Locator* loc); * @param loc Locator to query * @return 40-bit ZeroTier address of signer */ -ZT_SDK_API uint64_t ZT_Locator_signer(const ZT_Locator* loc); +ZT_SDK_API uint64_t ZT_Locator_signer(const ZT_Locator *loc); /** * Compare two locators @@ -2663,7 +2673,7 @@ ZT_SDK_API uint64_t ZT_Locator_signer(const ZT_Locator* loc); * @param b Second locator * @return Non-zero if a equals b */ -ZT_SDK_API int ZT_Locator_equals(const ZT_Locator* a, const ZT_Locator* b); +ZT_SDK_API int ZT_Locator_equals(const ZT_Locator *a, const ZT_Locator *b); /** * Get the number of endpoints in this locator @@ -2671,7 +2681,7 @@ ZT_SDK_API int ZT_Locator_equals(const ZT_Locator* a, const ZT_Locator* b); * @param loc Locator to query * @return Number of endpoints */ -ZT_SDK_API unsigned int ZT_Locator_endpointCount(const ZT_Locator* loc); +ZT_SDK_API unsigned int ZT_Locator_endpointCount(const ZT_Locator *loc); /** * Get a pointer to an endpoint in a locator @@ -2681,7 +2691,7 @@ ZT_SDK_API unsigned int ZT_Locator_endpointCount(const ZT_Locator* loc); * @param ep Endpoint number from 0 to 1 - endpointCount() * @return Endpoint or NULL if out of bounds */ -ZT_SDK_API const ZT_Endpoint* ZT_Locator_endpoint(const ZT_Locator* loc, unsigned int ep); +ZT_SDK_API const ZT_Endpoint *ZT_Locator_endpoint(const ZT_Locator *loc, unsigned int ep); /** * Verify this locator's signature @@ -2689,14 +2699,14 @@ ZT_SDK_API const ZT_Endpoint* ZT_Locator_endpoint(const ZT_Locator* loc, unsigne * @param signer Signing identity * @return Non-zero if locator is valid */ -ZT_SDK_API int ZT_Locator_verify(const ZT_Locator* loc, const ZT_Identity* signer); +ZT_SDK_API int ZT_Locator_verify(const ZT_Locator *loc, const ZT_Identity *signer); /** * Delete a locator * * @param loc Locator to delete */ -ZT_SDK_API void ZT_Locator_delete(const ZT_Locator* loc); +ZT_SDK_API void ZT_Locator_delete(const ZT_Locator *loc); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2708,7 +2718,7 @@ ZT_SDK_API void ZT_Locator_delete(const ZT_Locator* loc); * @param revision Result: revision * @param build Result: build number */ -ZT_SDK_API void ZT_version(int* major, int* minor, int* revision, int* build); +ZT_SDK_API void ZT_version(int *major, int *minor, int *revision, int *build); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2725,8 +2735,9 @@ ZT_SDK_API void ZT_version(int* major, int* minor, int* revision, int* build); * @param privateKeySize Result parameter: set to size of private key * @return OK (0) or error */ -ZT_SDK_API int -ZT_Certificate_newKeyPair(enum ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], int* const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int* const privateKeySize); +ZT_SDK_API int ZT_Certificate_newKeyPair( + enum ZT_CertificatePublicKeyAlgorithm type, uint8_t publicKey[ZT_CERTIFICATE_MAX_PUBLIC_KEY_SIZE], + int *const publicKeySize, uint8_t privateKey[ZT_CERTIFICATE_MAX_PRIVATE_KEY_SIZE], int *const privateKeySize); /** * Create a new certificate signing request (CSR) @@ -2746,7 +2757,9 @@ ZT_Certificate_newKeyPair(enum ZT_CertificatePublicKeyAlgorithm type, uint8_t pu * @param csrSize Value/result: size of buffer * @return OK (0) or error */ -ZT_SDK_API int ZT_Certificate_newCSR(const ZT_Certificate_Subject* subject, const void* certificatePrivateKey, int certificatePrivateKeySize, const void* uniqueIdPrivateKey, int uniqueIdPrivateKeySize, void* csr, int* csrSize); +ZT_SDK_API int ZT_Certificate_newCSR( + const ZT_Certificate_Subject *subject, const void *certificatePrivateKey, int certificatePrivateKeySize, + const void *uniqueIdPrivateKey, int uniqueIdPrivateKeySize, void *csr, int *csrSize); /** * Sign a CSR to generate a complete certificate. @@ -2763,7 +2776,9 @@ ZT_SDK_API int ZT_Certificate_newCSR(const ZT_Certificate_Subject* subject, cons * @param issuerPrivateKeySize Size of private key in bytes * @return Signed certificate or NULL on error */ -ZT_SDK_API ZT_Certificate* ZT_Certificate_sign(const ZT_Certificate* cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void* issuerPrivateKey, int issuerPrivateKeySize); +ZT_SDK_API ZT_Certificate *ZT_Certificate_sign( + const ZT_Certificate *cert, const uint8_t issuer[ZT_CERTIFICATE_HASH_SIZE], const void *issuerPrivateKey, + int issuerPrivateKeySize); /** * Decode a certificate or CSR @@ -2780,7 +2795,8 @@ ZT_SDK_API ZT_Certificate* ZT_Certificate_sign(const ZT_Certificate* cert, const * @param verify If non-zero, verify signatures and structure * @return Certificate error, if any */ -ZT_SDK_API enum ZT_CertificateError ZT_Certificate_decode(const ZT_Certificate** decodedCert, const void* cert, int certSize, int verify); +ZT_SDK_API enum ZT_CertificateError +ZT_Certificate_decode(const ZT_Certificate **decodedCert, const void *cert, int certSize, int verify); /** * Encode a certificate @@ -2790,7 +2806,7 @@ ZT_SDK_API enum ZT_CertificateError ZT_Certificate_decode(const ZT_Certificate** * @param encodedSize Value/result: size of certificate encoding buffer * @return OK (0) or error */ -ZT_SDK_API int ZT_Certificate_encode(const ZT_Certificate* cert, void* encoded, int* encodedSize); +ZT_SDK_API int ZT_Certificate_encode(const ZT_Certificate *cert, void *encoded, int *encodedSize); /** * Verify certificate signatures and internal structure. @@ -2799,7 +2815,7 @@ ZT_SDK_API int ZT_Certificate_encode(const ZT_Certificate* cert, void* encoded, * @param clock Clock to check timestamp or -1 to skip this check * @return Certificate error or ZT_CERTIFICATE_ERROR_NONE if no errors found. */ -ZT_SDK_API enum ZT_CertificateError ZT_Certificate_verify(const ZT_Certificate* cert, int64_t clock); +ZT_SDK_API enum ZT_CertificateError ZT_Certificate_verify(const ZT_Certificate *cert, int64_t clock); /** * Deep clone a certificate, returning one allocated C-side. @@ -2811,14 +2827,14 @@ ZT_SDK_API enum ZT_CertificateError ZT_Certificate_verify(const ZT_Certificate* * @param cert Certificate to deep clone * @return New certificate with copies of all objects */ -ZT_SDK_API const ZT_Certificate* ZT_Certificate_clone(const ZT_Certificate* cert); +ZT_SDK_API const ZT_Certificate *ZT_Certificate_clone(const ZT_Certificate *cert); /** * Free a certificate created with ZT_Certificate_decode() or ZT_Certificate_clone() * * @param cert Certificate to free */ -ZT_SDK_API void ZT_Certificate_delete(const ZT_Certificate* cert); +ZT_SDK_API void ZT_Certificate_delete(const ZT_Certificate *cert); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2830,7 +2846,7 @@ ZT_SDK_API void ZT_Certificate_delete(const ZT_Certificate* cert); * @param capacity Capacity, must be at least 128 bytes * @return Pointer to 'buf' now filled with a string */ -ZT_SDK_API char* ZT_Fingerprint_toString(const ZT_Fingerprint* fp, char* buf, int capacity); +ZT_SDK_API char *ZT_Fingerprint_toString(const ZT_Fingerprint *fp, char *buf, int capacity); /** * Decode a fingerprint from a string @@ -2839,7 +2855,7 @@ ZT_SDK_API char* ZT_Fingerprint_toString(const ZT_Fingerprint* fp, char* buf, in * @param s String representation of fingerprint * @return Non-zero on success */ -ZT_SDK_API int ZT_Fingerprint_fromString(ZT_Fingerprint* fp, const char* s); +ZT_SDK_API int ZT_Fingerprint_fromString(ZT_Fingerprint *fp, const char *s); /* ---------------------------------------------------------------------------------------------------------------- */ @@ -2849,30 +2865,30 @@ ZT_SDK_API int ZT_Fingerprint_fromString(ZT_Fingerprint* fp, const char* s); * included. */ -#define ZT_InetAddress_ptr_cast_sockaddr_ptr(a) ((struct sockaddr*)(a)) -#define ZT_InetAddress_ptr_cast_sockaddr_in_ptr(a) ((struct sockaddr_in*)(a)) -#define ZT_InetAddress_ptr_cast_sockaddr_in6_ptr(a) ((struct sockaddr_in6*)(a)) -#define ZT_InetAddress_ptr_cast_sockaddr_storage_ptr(a) ((struct sockaddr_storage*)(a)) +#define ZT_InetAddress_ptr_cast_sockaddr_ptr(a) ((struct sockaddr *)(a)) +#define ZT_InetAddress_ptr_cast_sockaddr_in_ptr(a) ((struct sockaddr_in *)(a)) +#define ZT_InetAddress_ptr_cast_sockaddr_in6_ptr(a) ((struct sockaddr_in6 *)(a)) +#define ZT_InetAddress_ptr_cast_sockaddr_storage_ptr(a) ((struct sockaddr_storage *)(a)) -#define ZT_InetAddress_ptr_cast_const_sockaddr_ptr(a) ((const struct sockaddr*)(a)) -#define ZT_InetAddress_ptr_cast_const_sockaddr_in_ptr(a) ((const struct sockaddr_in*)(a)) -#define ZT_InetAddress_ptr_cast_const_sockaddr_in6_ptr(a) ((const struct sockaddr_in6*)(a)) -#define ZT_InetAddress_ptr_cast_const_sockaddr_storage_ptr(a) ((const struct sockaddr_storage*)(a)) +#define ZT_InetAddress_ptr_cast_const_sockaddr_ptr(a) ((const struct sockaddr *)(a)) +#define ZT_InetAddress_ptr_cast_const_sockaddr_in_ptr(a) ((const struct sockaddr_in *)(a)) +#define ZT_InetAddress_ptr_cast_const_sockaddr_in6_ptr(a) ((const struct sockaddr_in6 *)(a)) +#define ZT_InetAddress_ptr_cast_const_sockaddr_storage_ptr(a) ((const struct sockaddr_storage *)(a)) -#define ZT_InetAddress_cast_sockaddr_ptr(a) ((struct sockaddr*)(&(a))) -#define ZT_InetAddress_cast_sockaddr_in_ptr(a) ((struct sockaddr_in*)(&(a))) -#define ZT_InetAddress_cast_sockaddr_in6_ptr(a) ((struct sockaddr_in6*)(&(a))) -#define ZT_InetAddress_cast_sockaddr_storage_ptr(a) ((struct sockaddr_storage*)(&(a))) +#define ZT_InetAddress_cast_sockaddr_ptr(a) ((struct sockaddr *)(&(a))) +#define ZT_InetAddress_cast_sockaddr_in_ptr(a) ((struct sockaddr_in *)(&(a))) +#define ZT_InetAddress_cast_sockaddr_in6_ptr(a) ((struct sockaddr_in6 *)(&(a))) +#define ZT_InetAddress_cast_sockaddr_storage_ptr(a) ((struct sockaddr_storage *)(&(a))) -#define ZT_InetAddress_cast_const_sockaddr_ptr(a) ((const struct sockaddr*)(&(a))) -#define ZT_InetAddress_cast_const_sockaddr_in_ptr(a) ((const struct sockaddr_in*)(&(a))) -#define ZT_InetAddress_cast_const_sockaddr_in6_ptr(a) ((const struct sockaddr_in6*)(&(a))) -#define ZT_InetAddress_cast_const_sockaddr_storage_ptr(a) ((const struct sockaddr_storage*)(&(a))) +#define ZT_InetAddress_cast_const_sockaddr_ptr(a) ((const struct sockaddr *)(&(a))) +#define ZT_InetAddress_cast_const_sockaddr_in_ptr(a) ((const struct sockaddr_in *)(&(a))) +#define ZT_InetAddress_cast_const_sockaddr_in6_ptr(a) ((const struct sockaddr_in6 *)(&(a))) +#define ZT_InetAddress_cast_const_sockaddr_storage_ptr(a) ((const struct sockaddr_storage *)(&(a))) /** * Zero the contents of an InetAddress */ -ZT_SDK_API void ZT_InetAddress_clear(ZT_InetAddress* ia); +ZT_SDK_API void ZT_InetAddress_clear(ZT_InetAddress *ia); /** * Convert an IP/port pair to a string @@ -2882,7 +2898,7 @@ ZT_SDK_API void ZT_InetAddress_clear(ZT_InetAddress* ia); * @param cap Size of buffer, must be at least 64 bytes * @return 'buf' is returned */ -ZT_SDK_API char* ZT_InetAddress_toString(const ZT_InetAddress* ia, char* buf, unsigned int cap); +ZT_SDK_API char *ZT_InetAddress_toString(const ZT_InetAddress *ia, char *buf, unsigned int cap); /** * Parse an InetAddress in IP/port format @@ -2891,7 +2907,7 @@ ZT_SDK_API char* ZT_InetAddress_toString(const ZT_InetAddress* ia, char* buf, un * @param str String to parse * @return Non-zero on success, zero if IP/port is invalid */ -ZT_SDK_API int ZT_InetAddress_fromString(ZT_InetAddress* ia, const char* str); +ZT_SDK_API int ZT_InetAddress_fromString(ZT_InetAddress *ia, const char *str); /** * Set to the value of a sockaddr such as sockaddr_in or sockaddr_in6. @@ -2903,7 +2919,7 @@ ZT_SDK_API int ZT_InetAddress_fromString(ZT_InetAddress* ia, const char* str); * @param ia InetAddress to fill * @param saddr A pointer to a sockaddr */ -ZT_SDK_API void ZT_InetAddress_set(ZT_InetAddress* ia, const void* saddr); +ZT_SDK_API void ZT_InetAddress_set(ZT_InetAddress *ia, const void *saddr); /** * Set raw IP bytes @@ -2913,32 +2929,33 @@ ZT_SDK_API void ZT_InetAddress_set(ZT_InetAddress* ia, const void* saddr); * @param ipLen Length of IP: 4 or 16 for IPv4 or IPv6 * @param port IP port */ -ZT_SDK_API void ZT_InetAddress_setIpBytes(ZT_InetAddress* ia, const void* ipBytes, unsigned int ipLen, unsigned int port); +ZT_SDK_API void +ZT_InetAddress_setIpBytes(ZT_InetAddress *ia, const void *ipBytes, unsigned int ipLen, unsigned int port); /** * Set IP port */ -ZT_SDK_API void ZT_InetAddress_setPort(ZT_InetAddress* ia, unsigned int port); +ZT_SDK_API void ZT_InetAddress_setPort(ZT_InetAddress *ia, unsigned int port); /** * Get IP port, which can also be used as a CIDR in some use cases. */ -ZT_SDK_API unsigned int ZT_InetAddress_port(const ZT_InetAddress* ia); +ZT_SDK_API unsigned int ZT_InetAddress_port(const ZT_InetAddress *ia); /** * Returns non-zero if this InetAddress is nil/zero. */ -ZT_SDK_API int ZT_InetAddress_isNil(const ZT_InetAddress* ia); +ZT_SDK_API int ZT_InetAddress_isNil(const ZT_InetAddress *ia); /** * Returns non-zero if this is an IPv4 address. */ -ZT_SDK_API int ZT_InetAddress_isV4(const ZT_InetAddress* ia); +ZT_SDK_API int ZT_InetAddress_isV4(const ZT_InetAddress *ia); /** * Returns non-zero if this is an IPv6 address. */ -ZT_SDK_API int ZT_InetAddress_isV6(const ZT_InetAddress* ia); +ZT_SDK_API int ZT_InetAddress_isV6(const ZT_InetAddress *ia); /** * Fill buffer with IP address bytes, return length in bytes @@ -2947,12 +2964,12 @@ ZT_SDK_API int ZT_InetAddress_isV6(const ZT_InetAddress* ia); * @param buf Buffer with at least 16 bytes of space (to hold IPv6) * @return 0 on failure or nil, 4 if buf contains IPv4 IP, 16 if buf contains IPv6 IP */ -ZT_SDK_API unsigned int ZT_InetAddress_ipBytes(const ZT_InetAddress* ia, void* buf); +ZT_SDK_API unsigned int ZT_InetAddress_ipBytes(const ZT_InetAddress *ia, void *buf); /** * Classify the network scope of this IP address (local net, global, etc.) */ -ZT_SDK_API enum ZT_InetAddress_IpScope ZT_InetAddress_ipScope(const ZT_InetAddress* ia); +ZT_SDK_API enum ZT_InetAddress_IpScope ZT_InetAddress_ipScope(const ZT_InetAddress *ia); /** * Compare a and b @@ -2961,7 +2978,7 @@ ZT_SDK_API enum ZT_InetAddress_IpScope ZT_InetAddress_ipScope(const ZT_InetAddre * @param b Second InetAddress * @return -1, 0, or 1 if a is less than, equal to, or greater than b */ -ZT_SDK_API int ZT_InetAddress_compare(const ZT_InetAddress* a, const ZT_InetAddress* b); +ZT_SDK_API int ZT_InetAddress_compare(const ZT_InetAddress *a, const ZT_InetAddress *b); /* These mirror the values of AF_INET and AF_INET6 for use by Rust and other things that need it. */ ZT_SDK_API const int ZT_AF_INET, ZT_AF_INET6; @@ -2982,7 +2999,9 @@ ZT_SDK_API const int ZT_AF_INET, ZT_AF_INET6; * @param f Function to invoke with each key and (binary) value * @return Non-zero if dictionary was valid */ -ZT_SDK_API int ZT_Dictionary_parse(const void* dict, unsigned int len, void* arg, void (*f)(void*, const char*, unsigned int, const void*, unsigned int)); +ZT_SDK_API int ZT_Dictionary_parse( + const void *dict, unsigned int len, void *arg, + void (*f)(void *, const char *, unsigned int, const void *, unsigned int)); /* ---------------------------------------------------------------------------------------------------------------- */